CVE-2025-10218

6.3 MEDIUM

📋 TL;DR

This SQL injection vulnerability in ruoyi-go 2.1 allows attackers to manipulate database queries through the sortName parameter in the background management page. Remote exploitation is possible, potentially leading to unauthorized data access or manipulation. Systems running the vulnerable version of ruoyi-go with exposed management interfaces are affected.

💻 Affected Systems

Products:
  • lostvip-com ruoyi-go
Versions: 2.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with the background management page accessible and the vulnerable function exposed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data exfiltration, modification, or deletion; potential privilege escalation to administrative access; possible remote code execution if database configuration permits.

🟠 Likely Case

Unauthorized access to sensitive system data stored in the database, including user credentials, configuration data, and business information.

🟢 If Mitigated

Limited impact due to proper input validation, parameterized queries, or network segmentation preventing exploitation attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details have been published and may be used. Attack requires access to the background management interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Vendor did not respond to disclosure. Consider implementing workarounds or migrating to alternative software.

🔧 Temporary Workarounds

Input Validation and Sanitization (applies to: all)

Implement strict input validation for the sortName parameter so that only expected values are accepted.

Parameterized Queries Implementation (applies to: all)

Rewrite the SelectListPage function to use parameterized queries instead of string concatenation.
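
The two workarounds above combined in Go, as an added example that is not code from ruoyi-go: filter and paging values are bound as ? parameters, and because a column name in ORDER BY cannot be bound as a parameter, sortName is mapped through an allowlist and anything else is rejected. The column names and the BuildRoleListQuery function are assumptions for this example, not the project's SelectListPage.

```go
package main

import (
	"fmt"
	"strings"
)

// Allowlist mapping the sortName values the UI may send to real column names.
// Constructed for this example; the actual sys_role columns in ruoyi-go may
// differ.
var roleSortColumns = map[string]string{
	"roleId":     "role_id",
	"roleName":   "role_name",
	"roleSort":   "role_sort",
	"createTime": "create_time",
}

// SafeOrderBy turns user-controlled sortName/sortOrder into an ORDER BY clause
// made only of allowlisted identifiers; any other sortName is rejected outright
// instead of being concatenated into the SQL.
func SafeOrderBy(sortName, sortOrder string) (string, error) {
	col, ok := roleSortColumns[sortName]
	if !ok {
		return "", fmt.Errorf("sortName %q not in allowlist", sortName)
	}
	dir := "ASC"
	if strings.EqualFold(sortOrder, "desc") {
		dir = "DESC"
	}
	return "ORDER BY " + col + " " + dir, nil
}

// BuildRoleListQuery is a hypothetical SelectListPage-style query builder:
// filter values and paging are bound as ? parameters, while the ORDER BY
// clause comes from SafeOrderBy because identifiers cannot be bound.
func BuildRoleListQuery(roleName, sortName, sortOrder string, pageNum, pageSize int) (string, []interface{}, error) {
	orderBy, err := SafeOrderBy(sortName, sortOrder)
	if err != nil {
		return "", nil, err
	}
	where := "WHERE del_flag = '0'"
	var args []interface{}
	if roleName != "" {
		where += " AND role_name LIKE ?"
		args = append(args, "%"+roleName+"%")
	}
	args = append(args, pageSize, (pageNum-1)*pageSize)
	query := "SELECT role_id, role_name, role_sort FROM sys_role " + where + " " + orderBy + " LIMIT ? OFFSET ?"
	return query, args, nil
}
```

The returned query and args slice are meant to be passed to database/sql's Query together, so the only dynamic SQL text is the allowlisted ORDER BY clause.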

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block SQL injection patterns targeting the sortName parameter
  • Restrict network access to the background management interface using firewall rules or network segmentation

🔍 How to Verify

Check if Vulnerable:

Check whether you are running ruoyi-go version 2.1, and examine the SysRoleDao.go file for unsafe string concatenation in the SelectListPage function.

Check Version:

Check the application configuration or package manager for the ruoyi-go version.

Verify Fix Applied:

Verify that the sortName parameter is properly validated or that parameterized queries are implemented in the SelectListPage function.

📡 Detection & Monitoring

Log Indicators:

  • Unusual database query patterns
  • Multiple failed login attempts to admin interface
  • SQL error messages in application logs

Network Indicators:

  • Unusual SQL syntax in HTTP POST/GET parameters
  • Multiple requests to background management endpoints with crafted sortName values

SIEM Query:

source="web_server" AND (uri="/system/role/list" OR uri LIKE "%/background/%") AND param="sortName" AND (value CONTAINS "UNION" OR value CONTAINS "SELECT" OR value CONTAINS "--")
