CVE-2025-13121
📋 TL;DR
CVE-2025-13121 is a SQL injection vulnerability in the cameasy Liketea 1.0.0 store API. The lng and lat request parameters handled in laravel/app/Http/Controllers/Front/StoreController.php reach a SQL query without validation or parameter binding, so a remote attacker can alter the query by supplying crafted values and execute arbitrary SQL against the application's database. Every deployment of the vulnerable version is affected, and successful exploitation can lead to data theft, modification or deletion.
💻 Affected Systems
- cameasy Liketea
⚠️ Manual Verification Required
The NVD entry for this CVE carries no version ranges (the vendor has not published any), so automated vulnerability detection that relies on version matching cannot tell whether a given installation is affected. Only Liketea 1.0.0 is named in the description; treat other versions as unverified rather than safe until the vendor says otherwise.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise including data exfiltration, data destruction, and potential remote code execution if database permissions allow.
Likely Case
Unauthorized data access and manipulation of the Liketea database, potentially exposing user information and application data.
If Mitigated
Limited impact with proper input validation and database permission restrictions in place.
🎯 Exploit Status
Public proof-of-concept available on GitHub demonstrates exploitation technique.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: None available
Restart Required: No
Instructions:
No official patch is available. Fix the vulnerable code in laravel/app/Http/Controllers/Front/StoreController.php yourself: validate lng and lat as numeric values within coordinate ranges (-180..180 and -90..90) and pass them to the database as bound parameters instead of interpolating them into the SQL string. Validation alone narrows the attack surface; binding is what actually removes the injection.
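The vulnerable pattern beside its hardened form, added here as a Laravel illustration; it is not Liketea's own code, which this page does not reproduce. The page names only the file and the lng/lat parameters, so the method name `nearby`, the `stores` table and its columns, and the bounding-box query are assumptions:

```php
<?php
// Added example (not Liketea's code). Requires a Laravel app: the DB facade,
// Request and the base Controller. Table "stores", its columns and the
// bounding-box query are assumptions made for illustration.

namespace App\Http\Controllers\Front;

use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;

class StoreController extends Controller
{
    // VULNERABLE pattern: request values dropped straight into the SQL text.
    // A request such as ?lng=0 OR 1=1 -- &lat=0 rewrites the WHERE clause,
    // and ?lng=0 UNION SELECT ... can read other tables.
    public function nearbyUnsafe(Request $request)
    {
        $lng = $request->input('lng');
        $lat = $request->input('lat');

        $sql = "SELECT id, name, lng, lat FROM stores "
             . "WHERE lng BETWEEN $lng - 0.05 AND $lng + 0.05 "
             . "AND lat BETWEEN $lat - 0.05 AND $lat + 0.05";

        return response()->json(DB::select($sql));
    }

    // HARDENED: reject anything that is not a coordinate, then bind the
    // values. Bound parameters travel separately from the query text, so
    // the database never parses them as SQL.
    public function nearby(Request $request)
    {
        // On failure Laravel returns HTTP 422 with the validation errors.
        $validated = $request->validate([
            'lng' => ['required', 'numeric', 'between:-180,180'],
            'lat' => ['required', 'numeric', 'between:-90,90'],
        ]);

        $lng = (float) $validated['lng'];
        $lat = (float) $validated['lat'];

        $rows = DB::select(
            'SELECT id, name, lng, lat FROM stores '
          . 'WHERE lng BETWEEN ? AND ? AND lat BETWEEN ? AND ?',
            [$lng - 0.05, $lng + 0.05, $lat - 0.05, $lat + 0.05]
        );

        return response()->json($rows);
    }
}
```

The same fix is available through the query builder (`DB::table('stores')->whereBetween('lng', [...])`), which binds automatically. The bug comes back the moment request input is interpolated into `whereRaw()`, `orderByRaw()` or `DB::raw()`, so when auditing the controller, grep for `$request` values inside double-quoted SQL strings, not just for `DB::select`.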
🔧 Temporary Workarounds
Input Validation and Sanitization
Validate lng and lat server-side before they reach any query: accept only signed decimal numbers within -180..180 and -90..90 and reject everything else with a 4xx response. This limits what an attacker can send but does not replace parameter binding in the controller.
Web Application Firewall Rules
Add a WAF rule for the affected endpoint that rejects requests whose lng or lat values are not plain decimal coordinates. An allowlist of the expected format is more reliable than a blocklist of SQL keywords, which is easy to bypass with URL encoding, inline comments and case changes, and it produces fewer false positives.
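A ModSecurity rule implementing that allowlist, added here as an example and not taken from the page or the vendor. The rule id 1001001 is a placeholder to be replaced with one from your own range, and the decimal precision should be widened if your clients legitimately send longer coordinates:

```apache
# Added example (not vendor-supplied). Reject any lng or lat argument that is
# not a signed decimal coordinate; the extra urlDecodeUni transformation also
# catches double-encoded payloads such as %2527.
SecRule ARGS:lng|ARGS:lat "!@rx ^-?[0-9]{1,3}(\.[0-9]{1,12})?$" \
    "id:1001001,phase:2,t:none,t:urlDecodeUni,t:trim,deny,status:400,log,\
    msg:'CVE-2025-13121: non-numeric lng/lat parameter'"
```

Because the rule matches on the parameter names rather than on a path, it also covers any other route that reuses lng/lat; if that is unwanted, chain it with a `REQUEST_URI` match for the store endpoint.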
🧯 If You Can't Patch
- Restrict network access to the vulnerable API endpoint using firewall rules or network segmentation.
- Implement rate limiting and monitoring on the affected endpoint to detect exploitation attempts.
🔍 How to Verify
Check if Vulnerable:
Confirm the installed version is Liketea 1.0.0 (treat other versions as unverified until the vendor publishes guidance), then open laravel/app/Http/Controllers/Front/StoreController.php and look for the lng and lat request values being concatenated or interpolated into a SQL string (raw SQL, whereRaw, DB::raw) rather than passed as bindings, with no numeric validation in front of them.
Check Version:
Read the Liketea version from the application's configuration or release metadata (for a Laravel deployment, the composer files and the vendor's release notes are the usual places), since the project ships no single version command.
Verify Fix Applied:
Verify that lng and lat are validated as numeric values in coordinate range and that every query touching them passes the values as bound parameters (placeholders) instead of building SQL strings. As a functional check, send a request with a non-numeric value such as lng=abc: a fixed endpoint returns a 4xx validation error rather than a database error or a 500.
📡 Detection & Monitoring
Log Indicators:
- SQL statements in the database or general-query log that the application never issues: UNION SELECT, SLEEP() or BENCHMARK() calls, information_schema lookups, or syntax errors referencing the stores query
- Bursts of HTTP 500 responses from the store endpoint tied to requests whose lng/lat values are not plain numbers
- Unexpected database access patterns
Network Indicators:
- HTTP requests to the vulnerable endpoint with SQL injection payloads in parameters
- Unusual traffic patterns to the API endpoint
SIEM Query:
Search web server or reverse-proxy logs for requests to the StoreController endpoint whose lng or lat parameter is anything other than a signed decimal number. Secondarily match SQL keywords (SELECT, UNION, INSERT, SLEEP) and comment sequences (--, /*) in those parameters, but only after URL-decoding them: a plain keyword search misses encoded payloads such as %27 or %20UNION%20.
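The same logic run over a few access-log lines, added as an example in PHP 8 and not part of the page. The log lines are constructed samples, and the /api/store path prefix is an assumption since the page names only "the StoreController endpoint":

```php
<?php
// Added detection example (not from the page). Scans combined-format access
// log lines for requests to the store endpoint whose lng/lat parameters are
// not coordinates. Requires PHP 8+ (str_starts_with). Sample lines and the
// /api/store path are constructed for illustration.

declare(strict_types=1);

const COORD_RE = '/^-?\d{1,3}(\.\d+)?$/';
const SQL_SYNTAX_RE = '/\b(select|union|insert|update|delete|drop|sleep|benchmark)\b|--|\/\*|[\'"]/i';

/** Extract method, path and decoded query parameters from one log line. */
function parseRequestLine(string $line): ?array
{
    if (!preg_match('/"(?<method>[A-Z]+) (?<target>\S+) HTTP\/[\d.]+"/', $line, $m)) {
        return null;
    }
    $parts = parse_url($m['target']);
    parse_str($parts['query'] ?? '', $params);   // parse_str URL-decodes once
    return ['method' => $m['method'], 'path' => $parts['path'] ?? '', 'params' => $params];
}

/** Reasons a request looks like a probe of lng/lat, or [] if it is clean. */
function suspiciousLngLat(array $params): array
{
    $reasons = [];
    foreach (['lng', 'lat'] as $name) {
        if (!array_key_exists($name, $params)) {
            continue;
        }
        $value = $params[$name];
        if (is_array($value)) {                  // lng[]=1 style tampering
            $reasons[] = "$name is an array";
            continue;
        }
        // Decode a second time so double-encoded payloads (%2527 -> %27 -> ')
        // are inspected in their final form.
        $decoded = urldecode($value);
        if (!preg_match(COORD_RE, $decoded)) {
            $reasons[] = "$name is not a coordinate: $decoded";
        }
        if (preg_match(SQL_SYNTAX_RE, $decoded)) {
            $reasons[] = "$name contains SQL syntax";
        }
    }
    return $reasons;
}

/** Scan lines and return hits for requests under $pathPrefix. */
function scanLog(array $lines, string $pathPrefix): array
{
    $hits = [];
    foreach ($lines as $n => $line) {
        $req = parseRequestLine($line);
        if ($req === null || !str_starts_with($req['path'], $pathPrefix)) {
            continue;
        }
        $reasons = suspiciousLngLat($req['params']);
        if ($reasons !== []) {
            $hits[] = ['line' => $n + 1, 'path' => $req['path'], 'reasons' => $reasons];
        }
    }
    return $hits;
}

// Constructed samples: a benign request, a UNION probe, a double-encoded
// quote, and an unrelated endpoint that must not be flagged.
$sample = [
    '203.0.113.5 - - [01/Jan/2025:10:00:00 +0000] "GET /api/store/nearby?lng=116.397&lat=39.908 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2025:10:00:01 +0000] "GET /api/store/nearby?lng=1)%20UNION%20SELECT%201,user(),3--%20&lat=39.9 HTTP/1.1" 500 0',
    '198.51.100.7 - - [01/Jan/2025:10:00:02 +0000] "GET /api/store/nearby?lng=1%2527&lat=39.9 HTTP/1.1" 500 0',
    '192.0.2.9 - - [01/Jan/2025:10:00:03 +0000] "GET /api/other?lng=abc HTTP/1.1" 200 10',
];

foreach (scanLog($sample, '/api/store') as $hit) {
    printf("line %d %s: %s\n", $hit['line'], $hit['path'], implode('; ', $hit['reasons']));
}
```

Only the second and third samples are reported. The coordinate allowlist does the real work; the keyword check is there so an analyst can tell a typo from an attack at a glance, and pairing it with the HTTP status from the same line (500s clustered on non-numeric values) gives a usable alert even before a SIEM correlation rule exists.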