CVE-2025-8127
BaseFortify
Publication date: 2025-07-25
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| deerwms | deer-wms-2 | to 3.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8127 is a critical SQL injection vulnerability in the deerwms deer-wms-2 software (up to version 3.3). It occurs in the /system/user/list endpoint where the parameter params[dataScope] is not properly sanitized and is directly injected into the SQL query without using prepared statements. This allows an attacker to inject malicious SQL code remotely, potentially extracting sensitive data or gaining control over the server. [1, 2, 3]
How can this vulnerability impact me? :
Exploitation of this vulnerability can allow attackers to retrieve sensitive information from the database, modify or delete data, escalate privileges, and potentially gain full control over the affected server. This can lead to data leakage, data corruption, denial of service, and compromise of the confidentiality, integrity, and availability of the system. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending crafted HTTP POST requests to the /system/user/list endpoint with malicious payloads in the params[dataScope] parameter to test for SQL injection. For example, using curl to send a payload that attempts to extract database information: curl -X POST http://<target-host>:<port>/system/user/list -H "Content-Type: application/x-www-form-urlencoded" -d "params[dataScope]=and extractvalue(1,concat(0x7e,(select database()),0x7e))". If the response contains database error messages or extracted data, it indicates the presence of the vulnerability. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected software with an alternative product, as no known mitigations or countermeasures have been identified. Additionally, restricting access to the vulnerable endpoint, applying network-level protections such as web application firewalls (WAF) to detect and block SQL injection attempts, and monitoring for suspicious activity can help reduce risk until a secure patch or update is available. [2]