CVE-2025-8162
BaseFortify
Publication date: 2025-07-25
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| deerwms | deer-wms-2 | to 3.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8162 is a critical SQL injection vulnerability in the deerwms warehouse management system (deer-wms-2) versions up to 3.3. It occurs because the application improperly handles user input in the parameter params[dataScope] passed to the /system/dept/list endpoint. This parameter is directly injected into SQL queries without sanitization or use of prepared statements, allowing attackers to inject malicious SQL code. This can lead to unauthorized access to sensitive database information or even full control over the affected server. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to remotely execute arbitrary SQL commands on your database through the vulnerable parameter. This can lead to unauthorized disclosure of sensitive data, modification or deletion of data, and potentially full compromise of the server hosting the application. Since the exploit is publicly available and requires no authentication, the risk of exploitation is high. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending crafted HTTP requests to the vulnerable endpoint `/system/dept/list` with malicious payloads in the `params[dataScope]` parameter to test for SQL injection. For example, a GET request like `GET /system/dept/list?params[dataScope]=and extractvalue(1,concat(0x7e,(select database()),0x7e))` can be used to trigger an SQL error revealing the database name, confirming the presence of the vulnerability. Network monitoring tools can also look for such suspicious requests targeting this endpoint with unusual parameters. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting or blocking access to the vulnerable endpoint `/system/dept/list` to untrusted users, applying input validation or filtering on the `params[dataScope]` parameter to prevent injection of malicious SQL code, and considering replacing the affected software with an alternative product as no known countermeasures or patches are currently available. Additionally, monitoring for exploitation attempts and applying network-level protections such as web application firewalls (WAF) can help reduce risk until a proper fix is implemented. [2, 3]