CVE-2025-10090 – This CVE describes a SQL injection vulnerabilit... (How to Fix)

Q: What is the severity of CVE-2025-10090?

CVE-2025-10090 has a CVSS score of 7.3 (HIGH). This CVE describes a SQL injection vulnerability in Jinher OA software up to version 1.2, specifically in the GetTreeDate.aspx file. Attackers can manipulate the ID parameter to execute arbitrary SQL commands, potentially compromising the database. Organizations using Jinher OA versions up to 1.2 are affected.

📋 TL;DR

This CVE describes a SQL injection vulnerability in Jinher OA software up to version 1.2, specifically in the GetTreeDate.aspx file. Attackers can manipulate the ID parameter to execute arbitrary SQL commands, potentially compromising the database. Organizations using Jinher OA versions up to 1.2 are affected.

💻 Affected Systems

Products:

Jinher OA

Versions: Up to version 1.2

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: The vulnerability exists in the default installation of affected versions. The specific component is /C6/Jhsoft.Web.departments/GetTreeDate.aspx.

📦 What is this software?

Jinher Oa by Jinher

View all CVEs affecting Jinher Oa →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data manipulation, or full system takeover via SQL injection to RCE chaining.

🟠

Likely Case

Unauthorized data access, extraction of sensitive information, and potential privilege escalation within the application.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and network segmentation in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

The exploit has been published and requires minimal technical skill to execute. Remote exploitation is possible without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Check with Jinher for security updates beyond version 1.2.

🔧 Temporary Workarounds

Web Application Firewall (WAF) Rules

all

Implement WAF rules to block SQL injection patterns targeting the GetTreeDate.aspx endpoint.

Input Validation Filter

windows

Add server-side input validation to sanitize the ID parameter before processing.

🧯 If You Can't Patch

Isolate the Jinher OA system from the internet using network segmentation.
Implement strict access controls and monitor all database queries from the application.

🔍 How to Verify

Check if Vulnerable:

Test the /C6/Jhsoft.Web.departments/GetTreeDate.aspx endpoint with SQL injection payloads in the ID parameter.

Check Version:

Check the Jinher OA application version in the admin interface or configuration files.

Verify Fix Applied:

Verify that SQL injection attempts no longer succeed and that parameterized queries are implemented.

📡 Detection & Monitoring

Log Indicators:

Unusual SQL queries in database logs
Multiple failed login attempts or parameter manipulation in web logs

Network Indicators:

HTTP requests to GetTreeDate.aspx with SQL injection patterns in parameters

SIEM Query:

source="web_logs" AND uri="/C6/Jhsoft.Web.departments/GetTreeDate.aspx" AND (param="ID" AND value CONTAINS "' OR '1'='1" OR value CONTAINS "UNION SELECT" OR value CONTAINS "EXEC(")

📊 Metadata

CVE ID: CVE-2025-10090

CVSS v3 Score: 7.3 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-74

EPSS Score: 1.14% exploit probability (78.1th percentile)

Published: September 8, 2025

Last Updated: October 9, 2025

🔗 References

https://github.com/Cstarplus/CVE/issues/1 Exploit,Issue Tracking,Third Party Advisory
https://vuldb.com/?ctiid.323045 Permissions Required,VDB Entry
https://vuldb.com/?id.323045 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.644635 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-10090, you might also want to check these: