CVE-2025-14192
📋 TL;DR
This CVE describes a SQL injection vulnerability in the RashminDungrani online-banking application's login functionality. Attackers can manipulate the Username parameter in /site/dist/auth_login.php to execute arbitrary SQL commands. All users running affected versions of this online banking software are at risk.
💻 Affected Systems
- RashminDungrani online-banking
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise including sensitive financial data, user credentials, and potential remote code execution on the database server.
Likely Case
Unauthorized access to user accounts, financial data theft, and potential privilege escalation within the banking application.
If Mitigated
Failed login attempts logged, but no data compromise if proper input validation and parameterized queries are implemented.
🎯 Exploit Status
Exploit details are publicly available in the referenced GitHub document. The vulnerability is in the login endpoint which is typically unauthenticated.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: None available
Restart Required: No
Instructions:
No official patch available. Vendor has not responded to disclosure. Consider migrating to alternative software or implementing workarounds.
🔧 Temporary Workarounds
Input Validation and Sanitization
Implement strict input validation and parameterized queries for the Username parameter
Modify /site/dist/auth_login.php to use prepared statements with parameterized queries
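The prepared-statement rewrite described above, as an added example that is not the project's code. It assumes a users table with id, username and password_hash columns (hashes produced by password_hash()), a Password POST field alongside Username, and placeholder database credentials:

```php
<?php
// Added example, not the project's code: a hardened login handler for
// /site/dist/auth_login.php using PDO prepared statements. Assumptions:
// a `users` table with `id`, `username`, `password_hash` (from password_hash()),
// a `Password` POST field, and placeholder DSN/credentials.
declare(strict_types=1);

function connect(): PDO
{
    return new PDO('mysql:host=localhost;dbname=banking;charset=utf8mb4', 'DB_USER', 'DB_PASS', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepares, no client-side string splicing
    ]);
}

// Returns the user's id on success, null on failure. The username is bound as a
// parameter, so a value such as  admin' OR '1'='1  is compared literally against
// the column and cannot alter the statement's structure.
function authenticate(PDO $pdo, string $username, string $password): ?int
{
    $stmt = $pdo->prepare('SELECT id, password_hash FROM users WHERE username = :username LIMIT 1');
    $stmt->bindValue(':username', $username, PDO::PARAM_STR);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Verify against a dummy hash when the user is unknown so the failure path
    // takes about the same time and does not reveal which usernames exist.
    $hash = $row['password_hash'] ?? password_hash('dummy-not-a-real-password', PASSWORD_DEFAULT);
    return ($row !== false && password_verify($password, $hash)) ? (int) $row['id'] : null;
}

$username = (string) ($_POST['Username'] ?? '');
$password = (string) ($_POST['Password'] ?? '');
try {
    $userId = authenticate(connect(), $username, $password);
} catch (PDOException $e) {
    error_log('auth_login: database error: ' . $e->getMessage()); // detail stays in server logs
    http_response_code(500);
    exit('Login temporarily unavailable.');                         // generic message to the client
}
if ($userId === null) {
    // Record the failure for monitoring; JSON-encode the username so control
    // characters in the input cannot forge extra log lines.
    error_log('auth_login: failed login for ' . json_encode($username) . ' from ' . ($_SERVER['REMOTE_ADDR'] ?? '-'));
    http_response_code(401);
    exit('Invalid username or password.');
}
session_start();
session_regenerate_id(true);
$_SESSION['user_id'] = $userId;
```

Database exceptions are logged server-side and answered with a generic message, which also removes the "unusual SQL error messages" signal that leaks query structure to the client.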
Web Application Firewall Rules
Deploy WAF rules to block SQL injection patterns in login requests
Add WAF rule: Detect and block SQL keywords in Username parameter
🧯 If You Can't Patch
- Isolate the vulnerable system behind additional network segmentation
- Implement strict monitoring and alerting for suspicious login attempts
🔍 How to Verify
Check if Vulnerable:
Test the login endpoint with SQL injection payloads in the Username parameter (e.g., admin' OR '1'='1)
Check Version:
Check Git commit hash: git log --oneline -1
Verify Fix Applied:
Verify that SQL injection attempts no longer succeed and that the endpoint returns a generic error response rather than database error details
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL error messages in application logs
- Multiple failed login attempts with SQL-like patterns
Network Indicators:
- HTTP POST requests to /site/dist/auth_login.php containing SQL keywords
SIEM Query:
source="web_logs" AND uri="/site/dist/auth_login.php" AND (Username CONTAINS "' OR" OR Username CONTAINS "UNION" OR Username CONTAINS "SELECT")