CVE-2025-8124
BaseFortify
Publication date: 2025-07-25
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| deerwms | deer-wms-2 | to 3.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8124 is a critical SQL injection vulnerability in the deerwms deer-wms-2 Warehouse Management System versions up to 3.3. It occurs in the endpoint /system/role/authUser/unallocatedList due to improper handling of the user-controllable parameter params[dataScope]. This parameter is directly injected into an SQL query without proper sanitization or use of prepared statements, allowing attackers to inject malicious SQL code. This flaw enables attackers to execute arbitrary SQL commands remotely without authentication, potentially compromising the confidentiality, integrity, and availability of the system. [1, 2, 3]
How can this vulnerability impact me? :
Exploitation of this vulnerability can allow attackers to extract sensitive information from the database, such as user data and system details. Attackers may also escalate their privileges and gain full control over the server hosting the application. Since the attack can be performed remotely without authentication and a public proof-of-concept exploit exists, the risk of compromise is high. This can lead to data breaches, system downtime, and unauthorized access to critical resources. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending crafted HTTP POST requests to the endpoint `/system/role/authUser/unallocatedList` with malicious payloads in the `params[dataScope]` parameter to test for SQL injection. For example, you can use curl to send a payload that attempts to extract database information: `curl -X POST -d "params[dataScope]=and extractvalue(1,concat(0x7e,(select database()),0x7e))" https://<target>/system/role/authUser/unallocatedList`. If the response contains database error messages or data, it indicates the presence of the SQL injection vulnerability. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected product with an alternative solution, as no known countermeasures or patches are currently available. Additionally, restricting access to the vulnerable endpoint, implementing web application firewalls (WAF) to detect and block SQL injection attempts, and monitoring for suspicious activity can help reduce risk until a fix or update is provided. [1]