CVE-2025-10121
BaseFortify
Publication date: 2025-09-09
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| uverif | uverif | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a SQL injection flaw in the uverif system (up to version 3.2), specifically in the addbatch function of the /admin/kami_list file. An attacker can manipulate the 'note' parameter in a request to inject malicious SQL code. This injection exploits improper input sanitization, allowing the attacker to execute SQL commands remotely. For example, the attacker can use an error-based SQL injection payload that triggers an XPath syntax error to leak sensitive database information. [1]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to remotely execute arbitrary SQL commands on the backend database of the uverif system. This can lead to unauthorized access to sensitive data, data leakage, data manipulation, or disruption of service. Since the exploit is publicly available, attackers can easily leverage it to compromise the system's confidentiality and integrity. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending a crafted HTTP POST request to the endpoint /admin/kami_list with a specially crafted payload in the 'note' parameter designed to trigger an SQL injection error. For example, you can use curl to send the following request: curl -X POST http://<target-host>/admin/kami_list -d "note='and/**/extractvalue(1,concat(char(126),md5(1836161162)))and'&other_parameters=values" If the response contains an XPath syntax error and reveals the MD5 hash '7571a4a2e631bdb1c88ae6a490cec2c', it confirms the presence of the vulnerability. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the /admin/kami_list endpoint to trusted users only, applying input validation and sanitization on the 'note' parameter to prevent SQL injection, and monitoring for suspicious POST requests containing SQL injection payloads. Additionally, consider applying any available patches or updates from the vendor or disabling the vulnerable functionality until a fix is applied. [1]