CVE-2025-67081
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| itflow-org | itflow | to 25.06|start_including=25.07 (inc) |
| itflow-org | itflow | to 25.11|start_including=25.12 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-67081 is an authenticated SQL injection vulnerability in ITFlow versions up to 25.06, specifically in the 'role_id' parameter when editing a profile. An attacker with an admin account can exploit this blind SQL injection flaw due to insufficient sanitization of an integer parameter, allowing them to inject SQL code and extract arbitrary data from the database. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this SQL injection vulnerability involves monitoring for suspicious activity on the 'role_id' parameter in the admin role management feature. Since the vulnerability is a blind SQL injection via the 'role_id' parameter, one approach is to test the parameter with SQL injection payloads in a controlled environment. For example, using tools like sqlmap targeting the 'role_id' parameter in POST requests to the profile editing endpoint. Specific commands might include: sqlmap -u https://your-itflow-instance/path --data="role_id=1" --risk=3 --level=5 --batch --dbms=mysql --param-filter=role_id. Additionally, monitoring logs for unusual SQL errors or unexpected database responses when admin users edit roles can help detect exploitation attempts. However, no explicit detection commands are provided in the resources. [2]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade ITFlow to version 25.07 or later, as this version includes the patch that fixes the SQL injection vulnerability in the 'role_id' parameter. This upgrade addresses the insufficient sanitization and prevents exploitation. Until the upgrade can be applied, restrict admin access to trusted users only and monitor for suspicious activity related to role editing. [2]
How can this vulnerability impact me? :
This vulnerability can allow an attacker with admin access to extract sensitive data from the database without authorization. Depending on the database permissions and application logic, it may also enable modification of database records or privilege escalation, potentially compromising the integrity and confidentiality of your data. [2]