CVE-2025-10121
📋 TL;DR
This SQL injection vulnerability in uverif allows remote attackers to execute arbitrary SQL commands through manipulation of the 'note' parameter in the addbatch function. It affects uverif versions up to 3.2, potentially compromising database integrity and confidentiality. Attackers can exploit this to access, modify, or delete sensitive data.
💻 Affected Systems
- uverif
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise leading to data theft, data destruction, or full system takeover via subsequent attacks.
Likely Case
Unauthorized data access, data manipulation, or privilege escalation within the database.
If Mitigated
Limited impact with proper input validation and database permissions restricting damage scope.
🎯 Exploit Status
Exploit has been published and may be used. Attack requires access to the vulnerable endpoint.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version 3.3 or later
Vendor Advisory: Not available
Restart Required: No
Instructions:
1. Check current uverif version. 2. Upgrade to version 3.3 or later. 3. Verify the fix by testing the vulnerable endpoint.
🔧 Temporary Workarounds
Input Validation
allImplement strict input validation for the 'note' parameter to reject SQL injection attempts.
WAF Rules
allDeploy web application firewall rules to block SQL injection patterns targeting the /admin/kami_list endpoint.
🧯 If You Can't Patch
- Restrict network access to the /admin/kami_list endpoint to trusted IPs only.
- Implement database user permissions with least privilege to limit potential damage.
🔍 How to Verify
Check if Vulnerable:
Test the /admin/kami_list endpoint with SQL injection payloads in the 'note' parameter and observe database errors or unexpected behavior.Check Version:
Check uverif documentation or configuration files for version information.Verify Fix Applied:
After patching, retest with SQL injection payloads to confirm they are properly sanitized or rejected.📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in database logs
- Multiple failed login attempts or parameter manipulation in web server logs
Network Indicators:
- Unusual traffic patterns to /admin/kami_list
- SQL error messages in HTTP responses
SIEM Query:
source="web_server" AND uri="/admin/kami_list" AND (param="note" AND value CONTAINS "' OR '")