CVE-2025-11910
BaseFortify
Publication date: 2025-10-17
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| streamax | streamax_crocus | 1.3.40 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-11910 is a SQL injection vulnerability in Shenzhen Ruiming Technology Streamax Crocus version 1.3.40. It affects the Query function of the endpoint /MemoryState.do?Action=Query, specifically through manipulation of the orderField parameter. This allows remote attackers to inject malicious SQL commands, potentially compromising the database. The vulnerability has been publicly disclosed, exploits are available, and the vendor did not respond to the disclosure. [1, 3]
How can this vulnerability impact me? :
This vulnerability can allow remote attackers to execute arbitrary SQL commands on the affected system, leading to unauthorized data access, data modification, or other malicious actions. Because the exploit is publicly available and the vendor has not provided a fix, systems using this software are at high risk of compromise, which could result in data breaches, operational disruption, or further exploitation by threat actors. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious requests to the endpoint `/MemoryState.do?Action=Query` with unusual or malicious input in the `orderField` parameter, which is vulnerable to SQL injection. Detection can involve inspecting web server logs or using network monitoring tools to identify attempts to exploit this parameter. Specific commands might include using curl or wget to test the endpoint with crafted payloads, for example: `curl -G 'http://<target>/MemoryState.do' --data-urlencode 'Action=Query' --data-urlencode 'orderField=1 OR 1=1'` to check for SQL injection responses. Additionally, searching logs for requests containing `orderField` with suspicious SQL keywords (e.g., 'OR', 'AND', '--') can help detect exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable endpoint `/MemoryState.do?Action=Query` by implementing network-level controls such as firewalls or access control lists to limit who can reach this service. Additionally, input validation and sanitization should be applied to the `orderField` parameter to prevent SQL injection. If possible, disable or restrict the vulnerable functionality until a patch or update is available. Monitoring for exploitation attempts and applying web application firewall (WAF) rules to block malicious payloads targeting this parameter can also help reduce risk. Since the vendor has not responded, applying these mitigations is critical to reduce exposure. [1]