CVE-2025-14780
📋 TL;DR
This SQL injection vulnerability in Xiongwei Smart Catering Cloud Platform allows remote attackers to execute arbitrary SQL commands through the filter parameter of the /dishtrade/dish_trade_detail_get endpoint. Organizations using version 2.1.6446.28761 of this catering management software are affected. The vulnerability enables attackers to potentially access, modify, or delete database content.
💻 Affected Systems
- Xiongwei Smart Catering Cloud Platform
⚠️ Manual Verification Required
Our database holds no machine-readable version range for this CVE, so automated detection cannot determine whether your system is affected.
Why? The CVE record does not specify vulnerable version ranges (none were provided by the vendor/NVD). The only version reported as affected is 2.1.6446.28761, named in the TL;DR above, and no later build has been confirmed fixed.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise including theft of sensitive customer data, financial records, and administrative credentials, potentially leading to data destruction or ransomware deployment.
Likely Case
Data exfiltration of customer information, menu pricing data, and operational records, with potential for privilege escalation within the application.
If Mitigated
Limited impact due to proper input validation, parameterized queries, and database permission restrictions preventing unauthorized data access.
🎯 Exploit Status
The exploit is publicly available and requires minimal technical skill to execute against vulnerable systems.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: Not available
Restart Required: No
Instructions:
Contact Xiongwei vendor for patch availability. If no patch exists, implement workarounds immediately.
🔧 Temporary Workarounds
Web Application Firewall (WAF) Rules
Deploy WAF rules that block SQL injection patterns in the filter parameter of requests to /dishtrade/dish_trade_detail_get. Match on the URL-decoded value and case-insensitively; signature rules stop known payloads but do not remove the underlying bug.
Network Access Control
Restrict access to the vulnerable endpoint to known client addresses using firewall rules or reverse proxy configuration.
🧯 If You Can't Patch
- Isolate the affected system from the internet and restrict access to authorized users only
- Run the application's database account with the minimum privileges the endpoint needs, and monitor and alert on unusual queries from that account (UNION statements, reads of tables the endpoint never touches, database error bursts)
🔍 How to Verify
Check if Vulnerable:
On a system you are authorized to test, send non-destructive boolean probes in the filter parameter of /dishtrade/dish_trade_detail_get: the same base value with ' AND '1'='1 appended and then with ' AND '1'='2 appended. A vulnerable build returns different results (or a database error) for the two; a build that binds filter as a parameter returns the same result for both.
Check Version:
Check the application version in the admin panel or configuration files and compare it with 2.1.6446.28761, the version reported as affected.
Verify Fix Applied:
Re-run the injection probes and confirm the responses no longer differ, and confirm from the vendor's change log or the code that the filter value is bound as a query parameter rather than concatenated into SQL text.
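The pattern behind the reported bug and the check used above, as an added example that is not the vendor's code or code from this advisory. It shows a `filter` value concatenated into SQL beside the parameterized replacement the "If Mitigated" case relies on, and a non-destructive boolean probe that distinguishes the two. The table name, column names, handler shape and the assumption that the endpoint takes `filter` as a GET query parameter are all assumptions; the real endpoint's SQL is not published.

```python
"""Added example, not code from Xiongwei or from this advisory.

Shows a `filter` value concatenated into SQL text beside the parameterized
replacement, and a boolean differential probe that tells the two apart.
Table name, columns and the handler shape are assumptions; the real
endpoint's SQL is not published.
"""
import sqlite3
from urllib.parse import quote

# Constructed sample rows standing in for dish trade detail records.
ROWS = [
    (1, "TX-1001", "noodles", 12.5),
    (2, "TX-1002", "rice", 8.0),
    (3, "TX-1003", "tea", 3.0),
]


def make_db():
    """In-memory SQLite database seeded with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE dish_trade_detail "
        "(id INTEGER, trade_no TEXT, dish TEXT, amount REAL)"
    )
    conn.executemany("INSERT INTO dish_trade_detail VALUES (?, ?, ?, ?)", ROWS)
    return conn


def vulnerable_lookup(conn, filter_value):
    """Vulnerable pattern: the filter is pasted into the SQL text, so a quote
    character in it changes the statement the database parses."""
    sql = (
        "SELECT id, trade_no, dish, amount FROM dish_trade_detail "
        "WHERE trade_no = '" + filter_value + "'"
    )
    return conn.execute(sql).fetchall()


def hardened_lookup(conn, filter_value):
    """Fixed pattern: the filter is bound as a parameter, so it is compared
    as data and never reaches the SQL parser."""
    sql = "SELECT id, trade_no, dish, amount FROM dish_trade_detail WHERE trade_no = ?"
    return conn.execute(sql, (filter_value,)).fetchall()


def is_injectable(query, base="TX-1001"):
    """Boolean differential probe.

    `query` takes a filter value and returns the endpoint's result. The two
    probes differ only in a condition that is always true versus always
    false; if the results differ, the value was interpreted as SQL. A
    parameterized backend treats both as literal strings and returns the
    same (empty) result. A database error also counts as a hit, since a
    literal string cannot cause one. Neither probe modifies data.
    """
    true_case = base + "' AND '1'='1"
    false_case = base + "' AND '1'='2"
    try:
        return query(true_case) != query(false_case)
    except sqlite3.DatabaseError:
        return True


def probe_urls(base_url, base="TX-1001"):
    """The same two probes as URLs for a live deployment (assumed GET with a
    `filter` query parameter; the method is not documented). Compare the two
    response bodies or status codes the way is_injectable compares results."""
    endpoint = base_url.rstrip("/") + "/dishtrade/dish_trade_detail_get?filter="
    return (
        endpoint + quote(base + "' AND '1'='1", safe=""),
        endpoint + quote(base + "' AND '1'='2", safe=""),
    )


if __name__ == "__main__":
    conn = make_db()
    payload = "TX-1001' OR 1=1 --"  # tautology; the comment swallows the closing quote
    print("vulnerable:", vulnerable_lookup(conn, payload))  # every row
    print("hardened:  ", hardened_lookup(conn, payload))    # no row matches the literal
    print("probe vulnerable:", is_injectable(lambda f: vulnerable_lookup(conn, f)))
    print("probe hardened:  ", is_injectable(lambda f: hardened_lookup(conn, f)))
    for url in probe_urls("https://catering.example"):
        print(url)
```

Against a real deployment, replace the `query` callable with an HTTP client that fetches the two URLs from `probe_urls` and returns the body (treat a 500 from the first probe the way the SQLite error is treated here). The probe only compares responses and exfiltrates nothing, which is what makes it safe to run on production during verification.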
📡 Detection & Monitoring
Log Indicators:
- Database syntax errors (unterminated strings, unknown columns, malformed UNION) in application logs, especially ones tied to requests to the endpoint
- Multiple failed login attempts following SQL injection patterns
- Unusual database query patterns from web application user
Network Indicators:
- HTTP requests to /dishtrade/dish_trade_detail_get with SQL keywords in parameters
- Unusual outbound database connections from web server
SIEM Query:
source="web_logs" AND uri="/dishtrade/dish_trade_detail_get" AND param="filter" AND (value CONTAINS "UNION" OR value CONTAINS "SELECT" OR value CONTAINS "INSERT" OR value CONTAINS "DELETE" OR value CONTAINS "UPDATE" OR value CONTAINS "--")
Note: the keyword tests must be grouped in parentheses; without them, AND binds tighter than OR and the query matches any request carrying these keywords on any URI. Match case-insensitively against the URL-decoded value, since payloads arrive as %27, %20 and + sequences.
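The detection logic behind the SIEM query, as an added example that is not part of the advisory and not code from any vendor or SIEM product. It parses constructed access-log lines, URL-decodes the filter parameter, and applies the path, parameter and keyword tests in that order so the grouping is explicit. It assumes combined-format access logs and a GET request carrying `filter` in the query string (the endpoint's method is not documented; a POST body would not appear in an access log and would need an application-level log). The keyword list is the advisory's plus UPDATE, DROP, a SQL line comment and a quote followed by a boolean operator.

```python
"""Added example, not code from this advisory or from any vendor or SIEM
product: the SIEM condition run over constructed access-log lines.

Assumptions: combined-format access logs and a GET request carrying
`filter` in the query string.
"""
import re
from urllib.parse import parse_qs, urlsplit

TARGET_PATH = "/dishtrade/dish_trade_detail_get"

# Whole-word SQL keywords (the advisory's list plus UPDATE/DROP), a SQL line
# comment, or a quote followed by a boolean operator. Word boundaries keep
# ordinary values such as "selection" from matching SELECT.
SQLI_PATTERN = re.compile(
    r"\b(UNION|SELECT|INSERT|UPDATE|DELETE|DROP)\b|--|'\s*(OR|AND)\s",
    re.IGNORECASE,
)

LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample log: one benign request, two injection attempts, one
# attempt against a different path, and a benign value containing "select".
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2025:12:00:01 +0000] "GET /dishtrade/dish_trade_detail_get?filter=TX-1001 HTTP/1.1" 200 512
203.0.113.9 - - [10/Mar/2025:12:00:02 +0000] "GET /dishtrade/dish_trade_detail_get?filter=TX-1001%27%20UNION%20SELECT%20null,user,password%20FROM%20users-- HTTP/1.1" 500 87
198.51.100.7 - - [10/Mar/2025:12:00:03 +0000] "GET /menu/list?filter=1+UNION+SELECT+2 HTTP/1.1" 200 300
203.0.113.9 - - [10/Mar/2025:12:00:04 +0000] "GET /dishtrade/dish_trade_detail_get?filter=TX-1001%27+or+%271%27%3D%271 HTTP/1.1" 200 1420
203.0.113.5 - - [10/Mar/2025:12:00:05 +0000] "GET /dishtrade/dish_trade_detail_get?filter=daily+selection HTTP/1.1" 200 498
"""


def parse_line(line):
    """Return ip, method, path, decoded query params and status, or None."""
    m = LOG_LINE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    params = parse_qs(parts.query)  # decodes %XX escapes and '+' as space
    return {
        "ip": m.group("ip"),
        "method": m.group("method"),
        "path": parts.path,
        "params": params,
        "status": int(m.group("status")),
    }


def matches_filter_sqli(record):
    """The SIEM condition with explicit grouping: the path must match and the
    filter parameter must be present before the decoded value is tested."""
    if record is None or record["path"] != TARGET_PATH:
        return False
    return any(SQLI_PATTERN.search(v) is not None
               for v in record["params"].get("filter", []))


def scan(log_text):
    """One hit per matching line: source ip, decoded filter value, status."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if matches_filter_sqli(rec):
            hits.append({
                "ip": rec["ip"],
                "filter": rec["params"]["filter"][0],
                "status": rec["status"],
            })
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Two hits come back, both from 203.0.113.9: the UNION SELECT attempt that drew a 500, and the lowercase `' or '1'='1` tautology that returned 200 with a larger body than the benign request, which is the shape a successful boolean injection leaves in the log. The UNION attempt against /menu/list is deliberately not reported by this rule, and the value "daily selection" does not trip the whole-word SELECT test.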