CVE-2025-6768
BaseFortify
Publication date: 2025-06-27
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6768 is a critical SQL injection vulnerability in the sfturing hosp_order application. It exists in the function findAllHosByCondition within HospitalServiceImpl.java, where the hospitalName argument is improperly sanitized. This allows an attacker to inject arbitrary SQL code remotely, potentially compromising the database by executing unauthorized SQL commands. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can allow unauthorized attackers to execute arbitrary SQL commands on the affected system's database. This can lead to unauthorized data access, data modification, or deletion, compromising the confidentiality, integrity, and availability of the system's data. Since the exploit is publicly available and remotely executable, it poses a significant security risk. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious SQL injection attempts targeting the hospitalName parameter in requests to the hosp_order application, especially POST requests to endpoints like /ssm_pro/allHos/1. An example detection method is to look for unusual SQL syntax or payloads in HTTP request logs, such as those containing SQL functions like GTID_SUBSET or CONCAT. A practical command to detect such attempts in web server logs could be: grep -iE "hospitalName=.*(GTID_SUBSET|CONCAT|--|')" /path/to/access.log. Additionally, using web application firewalls (WAF) with SQL injection detection rules can help identify exploitation attempts. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or restricting access to the vulnerable function findAllHosByCondition in HospitalServiceImpl.java, especially the hospitalName parameter input. Since no official patches or updated versions are available, it is recommended to implement input validation and sanitization to prevent SQL injection, such as using parameterized queries or prepared statements. If possible, replace the affected component with an alternative product. Additionally, monitor and block suspicious traffic patterns exploiting this vulnerability and consider deploying a web application firewall (WAF) to filter malicious SQL injection payloads. [3]