Login Sign Up

CVE-2019-25298

9.1 CRITICAL
SQL Injection

📋 TL;DR

CVE-2019-25298 is an SQL injection vulnerability in html5_snmp 1.11 that allows attackers to manipulate database queries through Router_ID and Router_IP parameters. Attackers can use error-based, time-based, and union-based injection techniques to extract or modify database information. This affects systems running the vulnerable html5_snmp software.

💻 Affected Systems

Products:
  • html5_snmp
Versions: 1.11
Operating Systems: Linux, Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the web interface component of html5_snmp where Router_ID and Router_IP parameters are processed.

📦 What is this software?

Html5 Snmp by Lolypop55

View all CVEs affecting Html5 Snmp →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full database compromise allowing data exfiltration, modification, or deletion; potential privilege escalation to system-level access.

🟠

Likely Case

Unauthorized access to SNMP configuration data, network topology information, and potential manipulation of monitoring data.

🟢

If Mitigated

Limited impact with proper input validation and database permissions in place.

🌐 Internet-Facing: HIGH - Web interface accessible from internet with SQL injection vulnerabilities.
🏢 Internal Only: MEDIUM - Still significant risk if attacker gains internal network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code available on Exploit-DB; multiple injection techniques supported.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a different SNMP monitoring solution or implementing workarounds.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement input validation for Router_ID and Router_IP parameters to reject SQL injection patterns.

Modify application code to sanitize inputs using parameterized queries or prepared statements

Web Application Firewall

all

Deploy WAF with SQL injection rules to block malicious payloads.

Configure WAF rules to detect and block SQL injection patterns in Router_ID and Router_IP parameters

🧯 If You Can't Patch

  • Isolate html5_snmp system on separate network segment with strict access controls
  • Implement network-level monitoring for SQL injection attempts against the web interface

🔍 How to Verify

Check if Vulnerable:

Test Router_ID and Router_IP parameters with SQL injection payloads like ' OR '1'='1

Check Version:

Check html5_snmp version in web interface or configuration files

Verify Fix Applied:

Verify input validation prevents SQL injection payloads and returns appropriate error messages

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed login attempts with SQL patterns

Network Indicators:

  • HTTP requests containing SQL keywords (SELECT, UNION, etc.) in Router_ID/Router_IP parameters

SIEM Query:

web.url:* AND (web.param:*SELECT* OR web.param:*UNION* OR web.param:*OR '1'='1*)

📊 Metadata

CVE ID: CVE-2019-25298
CVSS v3 Score: 9.1 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CWE: CWE-89
Published: February 6, 2026
Last Updated: March 2, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2019-25298, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)