CVE-2025-14189
📋 TL;DR
This CVE describes a SQL injection vulnerability in Chanjet CRM through version 20251121. Attackers can exploit the gblOrgID parameter in /tools/jxf_dump_table_demo.php to execute arbitrary SQL commands. The vulnerability is remotely exploitable and affects all systems running vulnerable versions of Chanjet CRM.
💻 Affected Systems
- Chanjet CRM
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise including data theft, data manipulation, and potential remote code execution via database functions.
Likely Case
Unauthorized data access, data exfiltration, and potential privilege escalation within the CRM system.
If Mitigated
Limited impact with proper input validation, parameterized queries, and network segmentation in place.
🎯 Exploit Status
The exploit is publicly available and requires minimal technical skill to execute. The vulnerability is in a demo/tool file which may be accessible without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: None available
Restart Required: No
Instructions:
No official patch available. Vendor has not responded to disclosure. Consider workarounds or alternative CRM solutions.
🔧 Temporary Workarounds
Remove vulnerable file
linuxDelete or rename the vulnerable PHP file to prevent exploitation
rm /path/to/webroot/tools/jxf_dump_table_demo.php
mv /path/to/webroot/tools/jxf_dump_table_demo.php /path/to/webroot/tools/jxf_dump_table_demo.php.disabled
Block access to tools directory
allConfigure web server to deny access to the /tools/ directory
# Apache: Add 'Deny from all' to .htaccess in tools directory
# Nginx: location ~ ^/tools/ { deny all; }
🧯 If You Can't Patch
- Implement WAF rules to block SQL injection patterns targeting the vulnerable endpoint
- Restrict network access to the CRM system using firewall rules and network segmentation
🔍 How to Verify
Check if Vulnerable:
Check if file exists: ls -la /path/to/webroot/tools/jxf_dump_table_demo.phpCheck Version:
Check CRM version in admin panel or configuration filesVerify Fix Applied:
Verify file is removed or inaccessible: curl -I http://your-server/tools/jxf_dump_table_demo.php should return 404 or 403📡 Detection & Monitoring
Log Indicators:
- HTTP requests to /tools/jxf_dump_table_demo.php with SQL injection patterns in parameters
- Unusual database queries from web application user
Network Indicators:
- HTTP requests containing SQL keywords (UNION, SELECT, INSERT) targeting the vulnerable endpoint
SIEM Query:
web.url:*jxf_dump_table_demo.php* AND (web.param:*UNION* OR web.param:*SELECT* OR web.param:*INSERT*)