CVE-2025-7894
BaseFortify
Publication date: 2025-07-20
Last updated on: 2026-04-29
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| onyx | onyx | up to 0.29.1 (inclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7894 is a critical SQL injection vulnerability in the Onyx Chat Interface up to version 0.29.1. It exists in the function generate_simple_sql, which improperly sanitizes user input when constructing SQL queries. This flaw allows an attacker to inject arbitrary SQL code remotely by sending crafted requests to the /api/send-message endpoint. The injected SQL can manipulate the database queries, potentially exposing sensitive data such as user credentials. [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can lead to unauthorized access and theft of sensitive database information, including user credentials, personally identifiable information, financial and proprietary data. It may also allow data manipulation if the database user has write permissions, causing system disruption, loss of user trust, and reputational damage. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious or crafted JSON requests sent to the /api/send-message endpoint, especially those containing SQL injection patterns such as payloads that close string literals and append UNION SELECT statements. Network or application logs should be inspected for such anomalous inputs. Specific commands are not provided in the resources, but detection could involve using tools like web application firewalls (WAF) with SQL injection detection rules, or custom scripts to scan logs for typical SQL injection payloads like "') UNION SELECT". Additionally, monitoring for unexpected database queries or errors related to SQL syntax could help identify exploitation attempts. [3]
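The answer above names the kind of log check a defender would run but gives no command. The following is an added example, not part of the BaseFortify record or of the Onyx project: a small Python scanner that reads request-log lines for the /api/send-message endpoint, decodes each JSON body, and flags string values that carry common SQL-injection indicators (the "') UNION SELECT" marker mentioned above, tautologies, trailing SQL comments, stacked statements). The log-line format and the sample lines are constructed for the example; the regexes are heuristic signatures that should be tuned against real traffic.

```python
import json
import re

# Constructed sample request-log lines (not real Onyx logs), in the format
# "<timestamp> <method> <path> <json body>". Line 2 carries the "') UNION SELECT"
# marker from the answer above; line 4 carries a classic tautology.
SAMPLE_LOG_LINES = [
    '2025-07-21T10:00:01Z POST /api/send-message {"chat_session_id": 12, "message": "What did we ship last quarter?"}',
    '2025-07-21T10:00:07Z POST /api/send-message {"chat_session_id": 12, "message": "summary\') UNION SELECT 1 --"}',
    '2025-07-21T10:00:09Z GET /api/health {}',
    '2025-07-21T10:00:15Z POST /api/send-message {"chat_session_id": 13, "message": "x\' OR \'1\'=\'1"}',
]

LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<body>.*)$")

# Heuristic indicators. These are detection signatures, not an exhaustive grammar:
# expect some false positives on ordinary prose and tune the list against your own traffic.
INJECTION_PATTERNS = {
    "union-select": re.compile(r"""['"]\s*\)*\s*UNION\s+(?:ALL\s+)?SELECT\b""", re.I),
    "tautology": re.compile(r"""['"]\s*OR\s+['"]?\w+['"]?\s*=\s*['"]?\w+""", re.I),
    "sql-comment": re.compile(r"--\s*$|/\*.*\*/"),
    "stacked-statement": re.compile(r";\s*(?:DROP|DELETE|UPDATE|INSERT|ALTER)\b", re.I),
}


def string_values(obj):
    """Yield every string nested anywhere in a decoded JSON value."""
    if isinstance(obj, str):
        yield obj
    elif isinstance(obj, dict):
        for v in obj.values():
            yield from string_values(v)
    elif isinstance(obj, list):
        for v in obj:
            yield from string_values(v)


def scan_log_lines(lines, path="/api/send-message"):
    """Return one finding per request value that matches an injection indicator.

    Only requests to `path` are examined; a body that is not valid JSON is itself
    reported, since the endpoint is expected to receive well-formed JSON.
    """
    findings = []
    for lineno, line in enumerate(lines, start=1):
        m = LOG_RE.match(line)
        if not m or m.group("path") != path:
            continue
        try:
            body = json.loads(m.group("body"))
        except json.JSONDecodeError:
            findings.append({"line": lineno, "patterns": ["malformed-json"], "value": m.group("body")})
            continue
        for value in string_values(body):
            hits = [name for name, rx in INJECTION_PATTERNS.items() if rx.search(value)]
            if hits:
                findings.append({"line": lineno, "patterns": hits, "value": value})
    return findings


if __name__ == "__main__":
    for f in scan_log_lines(SAMPLE_LOG_LINES):
        print(f"line {f['line']}: {', '.join(f['patterns'])} -> {f['value']!r}")
```

Run it against an export of your reverse-proxy or application logs once the line format in `LOG_RE` is adapted; findings are a triage list for the incident responder, not proof of exploitation, so pair them with the database-side checks the answer mentions (unexpected queries, SQL syntax errors).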
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling the vulnerable Knowledge Graph query tool to prevent exploitation. Implementing strict input validation to block suspicious or malformed inputs targeting the generate_simple_sql function is also recommended. For a permanent fix, refactor the generate_simple_sql function to avoid direct SQL string execution generated by the LLM, and instead use structured query intents (e.g., JSON) safely translated into parameterized SQL queries using trusted libraries such as SQLAlchemy Core. Since no official patch or vendor response is available, users are advised to consider replacing the affected component with an alternative product. [2, 3]
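The permanent fix recommended above, a structured query intent translated into parameterized SQL, is shown below as an added example; it is not code from the Onyx project and does not reproduce its generate_simple_sql function or schema. The schema allowlist, table rows and intent format are constructed for the example, and the standard-library sqlite3 driver stands in for the SQLAlchemy Core the answer suggests so that the snippet runs without dependencies; the principle is the same with either library: identifiers come only from an allowlist, and every value the model supplies is bound as a query parameter rather than spliced into SQL text.

```python
import json
import sqlite3

# Allowlisted tables and columns that an LLM-produced intent may reference.
# Constructed for this example; this is not Onyx's real schema.
SCHEMA = {
    "documents": {"id", "title", "owner", "created_at"},
    "chat_sessions": {"id", "user_id", "created_at"},
}
# Operator names in the intent map to fixed SQL fragments; the intent never carries SQL text.
OPERATORS = {"eq": "=", "ne": "!=", "lt": "<", "gt": ">", "like": "LIKE"}
MAX_LIMIT = 100


class IntentError(ValueError):
    """Raised when an intent references anything outside the allowlist."""


def _quote_ident(name: str) -> str:
    # Identifiers were already checked against SCHEMA; quoting is defence in depth.
    return '"' + name.replace('"', '""') + '"'


def compile_intent(intent: dict) -> tuple[str, list]:
    """Translate a structured query intent into (sql, params).

    Table and column names are only ever taken from the SCHEMA allowlist; every
    comparison value becomes a bound parameter ('?'), so the driver treats it as
    data, never as SQL.
    """
    table = intent.get("table")
    if table not in SCHEMA:
        raise IntentError(f"unknown table: {table!r}")
    allowed = SCHEMA[table]

    columns = intent.get("columns") or sorted(allowed)
    bad = [c for c in columns if c not in allowed]
    if bad:
        raise IntentError(f"unknown columns for {table}: {bad}")

    where, params = [], []
    for flt in intent.get("filters", []):
        col, op, value = flt.get("column"), flt.get("op"), flt.get("value")
        if col not in allowed:
            raise IntentError(f"unknown filter column: {col!r}")
        if op not in OPERATORS:
            raise IntentError(f"unknown operator: {op!r}")
        if isinstance(value, bool) or not isinstance(value, (str, int, float)):
            raise IntentError(f"unsupported value type for {col}: {type(value).__name__}")
        where.append(f"{_quote_ident(col)} {OPERATORS[op]} ?")
        params.append(value)

    limit = intent.get("limit", 20)
    if isinstance(limit, bool) or not isinstance(limit, int) or not 1 <= limit <= MAX_LIMIT:
        raise IntentError(f"limit must be an integer between 1 and {MAX_LIMIT}")

    select_list = ", ".join(_quote_ident(c) for c in columns)
    sql = f"SELECT {select_list} FROM {_quote_ident(table)}"
    if where:
        sql += " WHERE " + " AND ".join(where)
    sql += " LIMIT ?"
    params.append(limit)
    return sql, params


def run_intent(conn: sqlite3.Connection, intent) -> list:
    """Accept the intent as the JSON text an LLM would emit (or a parsed dict) and run it."""
    if isinstance(intent, str):
        intent = json.loads(intent)
    if not isinstance(intent, dict):
        raise IntentError("intent must be a JSON object")
    sql, params = compile_intent(intent)
    return conn.execute(sql, params).fetchall()


def build_demo_db() -> sqlite3.Connection:
    """In-memory SQLite database with constructed sample rows (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE documents (id INTEGER PRIMARY KEY, title TEXT, owner TEXT, created_at TEXT)")
    conn.executemany(
        "INSERT INTO documents VALUES (?, ?, ?, ?)",
        [(1, "Q3 roadmap", "alice", "2025-07-01"),
         (2, "Onboarding guide", "bob", "2025-07-02"),
         (3, "Budget", "alice", "2025-07-03")],
    )
    return conn


if __name__ == "__main__":
    db = build_demo_db()
    benign = {"table": "documents", "columns": ["id", "title"],
              "filters": [{"column": "owner", "op": "eq", "value": "alice"}], "limit": 10}
    print(compile_intent(benign))
    print(run_intent(db, benign))
    # A value that looks like a payload is bound as data: no owner has that literal name, so no rows.
    print(run_intent(db, dict(benign, filters=[{"column": "owner", "op": "eq", "value": "alice') UNION SELECT 1 --"}])))
    # An identifier outside the allowlist is refused before any SQL is built.
    try:
        compile_intent({"table": "sqlite_master"})
    except IntentError as exc:
        print("rejected:", exc)
```

The design point is that the model's output is validated as data, not executed as code: the only SQL tokens in the final statement come from `SCHEMA`, `OPERATORS` and the fixed template, so a hostile "message" can at most produce a query that matches nothing or an `IntentError`. Keep the database role used by the tool read-only as well, so the data-manipulation impact described earlier is ruled out even if validation has a gap.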