CVE-2025-0699

6.3 MEDIUM

📋 TL;DR

This CVE describes a SQL injection vulnerability, rated 6.3 MEDIUM, in the JoeyBling bootplus software, reachable through the /admin/sys/role/list endpoint. The 'sort' parameter is spliced into the SQL the endpoint builds (a sort value typically lands in the ORDER BY clause, which cannot be bound as a prepared-statement parameter), so an attacker who can reach the endpoint can alter the query the database executes and, through blind or error-based techniques, read data the endpoint was never meant to return. Any deployment running the vulnerable code with the admin interface reachable is affected.

💻 Affected Systems

Products:
  • JoeyBling bootplus
Versions: All versions up to commit 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d
Operating Systems: Any OS running bootplus
Default Config Vulnerable: ⚠️ Yes
Notes: The product does not use versioning, making precise version identification difficult. All instances with the vulnerable code are affected.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data theft, data manipulation, privilege escalation, and potential remote code execution depending on database configuration.

🟠

Likely Case

Unauthorized data access, data exfiltration, and potential privilege escalation within the application.

🟢

If Mitigated

Limited impact once the 'sort' value is restricted to an allow-list of known column names (ORDER BY targets cannot be parameterized, so an allow-list is the real fix), the application connects with a least-privilege database account, and the admin interface is network-segmented.

🌐 Internet-Facing: HIGH - The endpoint is reachable over plain HTTP requests, so internet-facing admin interfaces are exposed to anyone who finds them. Note the tension in the data: the endpoint sits under /admin/, and a 6.3 score is in the range usually assigned when low privileges are required, so treat "unauthenticated" as unconfirmed and check what session or role check sits in front of the endpoint in your deployment.
🏢 Internal Only: MEDIUM - Internal instances remain vulnerable to anyone on the network (or any compromised host) that can reach the admin interface; the attack surface is smaller, not absent.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details have been publicly disclosed and the vulnerability is straightforward to trigger with ordinary HTTP requests to the endpoint. Because the endpoint lives under /admin/, confirm against your deployment whether a session is needed to reach it before treating this as pre-authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown - product does not use versioning

Vendor Advisory: None available

Restart Required: No

Instructions:

1. Check whether you run bootplus (the vulnerable code is the role list endpoint, /admin/sys/role/list).
2. Check whether your checkout contains commit 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d or an earlier one; no fixing commit is identified, so a later checkout must still be reviewed for the same code.
3. Review the GitHub issue for potential fixes.
4. Consider migrating to a maintained alternative, as this appears to be an unmaintained project.

🔧 Temporary Workarounds

Input Validation Filter (all platforms)

Restrict the 'sort' parameter to a fixed allow-list of column names plus an optional asc/desc direction, and reject everything else with a 4xx. Map the accepted name to the ORDER BY fragment on the server side rather than passing the client's string through; a sort column cannot be bound as a query parameter, so an allow-list is the only robust control.

WAF Rule (all platforms)

Deploy web application firewall rules that block SQL injection patterns in the 'sort' parameter. Keyword-based rules are a stopgap: they miss URL-encoded, comment-split or function-based payloads (for example CASE or sleep-style expressions that contain none of the usual keywords), so pair them with a rule that rejects any 'sort' value that does not match the expected "column [asc|desc]" shape.

🧯 If You Can't Patch

  • Restrict network access to the admin interface using firewall rules, so only administrator networks or a VPN can reach /admin/ paths
  • Run the application under a database account with the minimum privileges it needs (read/write on its own tables only, no DDL, no file-system or OS-level privileges), which limits what a successful injection can reach

🔍 How to Verify

Check if Vulnerable:

Check whether your system runs bootplus, then examine the code behind the /admin/sys/role/list endpoint. The vulnerable pattern is the 'sort' value being concatenated or template-substituted into the ORDER BY clause instead of being checked against a fixed list of column names; if the client's string reaches the query text unchanged, the endpoint is vulnerable.

Check Version:

No version command is available. Check the git history of your checkout for commit 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d: anything at or behind that commit is affected, and since no fixing commit is identified, a later checkout still needs the code review above.

Verify Fix Applied:

Test the /admin/sys/role/list endpoint with SQL injection payloads in the 'sort' parameter. On a fixed build a payload that would change the result ordering or produce a database error must instead be rejected (for example with a 4xx) or fall back to the default ordering, and no database error text should appear in the response or the application log.
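The allow-list workaround and this verification step, as an added example that is not bootplus's own code: a sort value concatenated into an ORDER BY clause beside an allow-listed version, run against a constructed in-memory SQLite database. The table and column names (sys_role, sys_user), the function names and the probe payload are assumptions for illustration; the probe shows the blind technique in general form, where an injected CASE expression flips the row order depending on a condition about a table the endpoint never queries.

```python
"""Added example (not bootplus code): ORDER BY sort parameter, vulnerable vs allow-listed."""
import re
import sqlite3

# Allow-list: sort keys the client may send, mapped to real column names (assumed schema).
SORT_COLUMNS = {
    "role_id": "role_id",
    "role_name": "role_name",
    "create_time": "create_time",
}
# Expected shape of a legitimate sort value: "<identifier> [asc|desc]".
SORT_RE = re.compile(r"^\s*([A-Za-z_][A-Za-z0-9_]*)(?:\s+(asc|desc))?\s*$", re.IGNORECASE)


def make_db():
    """In-memory stand-in for the application's database (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE sys_role (role_id INTEGER, role_name TEXT, create_time TEXT);
        INSERT INTO sys_role VALUES (1, 'admin', '2024-01-01'),
                                    (2, 'operator', '2024-02-01'),
                                    (3, 'viewer', '2024-03-01');
        CREATE TABLE sys_user (user_id INTEGER, username TEXT, password TEXT);
        INSERT INTO sys_user VALUES (1, 'admin', 'hash-of-secret');
        """
    )
    return conn


def list_roles_vulnerable(conn, sort):
    """Vulnerable pattern: the client's sort string is concatenated into the query.
    ORDER BY targets cannot be bound as parameters, which is why this shortcut is
    common; it lets the caller inject arbitrary SQL expressions."""
    sql = "SELECT role_id, role_name FROM sys_role ORDER BY " + sort
    return [row[0] for row in conn.execute(sql)]


def safe_order_by(sort, default="role_id"):
    """Allow-list check: builds the ORDER BY fragment only from a known column
    name and an asc/desc keyword; anything else raises ValueError."""
    m = SORT_RE.match(sort or default)
    if not m or m.group(1).lower() not in SORT_COLUMNS:
        raise ValueError("unsupported sort value")
    direction = (m.group(2) or "asc").upper()
    return f"{SORT_COLUMNS[m.group(1).lower()]} {direction}"


def is_valid_sort(sort):
    """Boolean form of the allow-list check, handy for request filters."""
    try:
        safe_order_by(sort)
        return True
    except ValueError:
        return False


def list_roles_fixed(conn, sort):
    """Hardened version: only the allow-listed fragment ever reaches the SQL text."""
    sql = "SELECT role_id, role_name FROM sys_role ORDER BY " + safe_order_by(sort)
    return [row[0] for row in conn.execute(sql)]


# Boolean-based ORDER BY injection (assumed payload shape): the CASE expression
# sorts by role_id DESC only when the condition about sys_user is true, so an
# attacker infers facts about other tables one bit at a time from row order.
PROBE = ("CASE WHEN (SELECT count(*) FROM sys_user WHERE username='admin') > 0 "
         "THEN role_id END DESC")


def demo():
    """Returns (normal order, order under the probe, whether the fix rejected the probe)."""
    conn = make_db()
    normal = list_roles_vulnerable(conn, "role_id")   # [1, 2, 3]
    leaked = list_roles_vulnerable(conn, PROBE)       # [3, 2, 1]: the condition held
    rejected = not is_valid_sort(PROBE)               # True: allow-list refuses it
    return normal, leaked, rejected


if __name__ == "__main__":
    print(demo())
```

Running demo() shows the verification criterion from the step above in miniature: the vulnerable function's output changes under the probe, while the hardened function refuses the same value before any SQL is built. Reuse is_valid_sort() as the request filter from the workaround section.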

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • HTTP requests to /admin/sys/role/list with suspicious sort parameters
  • Database error messages in application logs

Network Indicators:

  • HTTP GET/POST requests whose 'sort' parameter, after URL-decoding, contains SQL keywords, parentheses, commas or comment sequences rather than a bare column name and direction
  • Unusual database connection patterns from application server

SIEM Query:

http.url:"/admin/sys/role/list" AND (http.param.sort:CONTAINS "UNION" OR http.param.sort:CONTAINS "SELECT" OR http.param.sort:CONTAINS "INSERT" OR http.param.sort:CONTAINS "DELETE")

This keyword match only works if the SIEM has URL-decoded the parameter and compares case-insensitively, and it misses payloads that avoid those four words (CASE expressions, sleep-style functions, conditional comparisons). A lower-noise rule alerts on any 'sort' value for this endpoint that does not match the expected "column [asc|desc]" shape.
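The log indicators and SIEM query above, run as an added example over constructed access-log lines (this is not the page's or the project's code, and the log lines, addresses and field names are made up for illustration). It compares the page's keyword list against a shape check on the decoded 'sort' value, and shows two gaps a practitioner should expect: a keyword whose letters are percent-encoded is missed by a raw-line match, and a time-based probe contains none of the four keywords at all.

```python
"""Added example: scanning access logs for suspicious 'sort' values on /admin/sys/role/list."""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in combined log format (not real traffic).
LOG_LINES = [
    '10.0.0.5 - - [12/Feb/2025:10:01:02 +0000] "GET /admin/sys/role/list?page=1&sort=role_name%20desc HTTP/1.1" 200 512',
    # SELECT with its letters percent-encoded (%53%45%4C%45%43%54): decodes to "role_id,(SELECT CASE WHEN (1=1) THEN 1 END)"
    '203.0.113.7 - - [12/Feb/2025:10:01:09 +0000] "GET /admin/sys/role/list?sort=role_id%2C%28%53%45%4C%45%43%54%20CASE%20WHEN%20%281%3D1%29%20THEN%201%20END%29 HTTP/1.1" 200 512',
    # Time-based probe: contains none of UNION/SELECT/INSERT/DELETE
    '203.0.113.7 - - [12/Feb/2025:10:01:11 +0000] "GET /admin/sys/role/list?sort=role_id%20AND%20SLEEP%285%29 HTTP/1.1" 200 510',
    # Different endpoint: out of scope for this rule
    '10.0.0.8 - - [12/Feb/2025:10:02:00 +0000] "GET /admin/sys/user/list?sort=user_id HTTP/1.1" 200 700',
]

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Legitimate sort values look like "<column> [asc|desc]"; anything else is an anomaly.
EXPECTED_SORT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*(\s+(asc|desc))?$", re.IGNORECASE)
KEYWORDS = ("UNION", "SELECT", "INSERT", "DELETE")  # the SIEM query's keyword list
TARGET_PATH = "/admin/sys/role/list"


def extract_sort(line):
    """Return (path, URL-decoded sort value) from one log line, or None if absent."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    values = parse_qs(parts.query, keep_blank_values=True).get("sort")  # parse_qs decodes
    if not values:
        return None
    return parts.path, values[0]


def scan(lines):
    """Evaluate each role-list request three ways: shape anomaly on the decoded
    value, keyword match on the decoded value, and keyword match on the raw line."""
    findings = []
    for line in lines:
        hit = extract_sort(line)
        if hit is None or hit[0] != TARGET_PATH:
            continue
        sort = hit[1]
        findings.append({
            "sort": sort,
            "shape_anomaly": EXPECTED_SORT.match(sort) is None,
            "keyword_decoded": any(k in sort.upper() for k in KEYWORDS),
            "keyword_raw_line": any(k in line.upper() for k in KEYWORDS),
        })
    return findings


def alerts(lines):
    """Decoded sort values worth alerting on: anything outside the expected shape."""
    return [f["sort"] for f in scan(lines) if f["shape_anomaly"]]


if __name__ == "__main__":
    for f in scan(LOG_LINES):
        print(f)
    print("alerts:", alerts(LOG_LINES))
```

The shape check fires on both malicious lines; the keyword list catches only the encoded SELECT, and only once the value is decoded. Feed real lines through extract_sort() and alerts() to triage, then pivot on the source address and the database logs for the same window.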

🔗 References
