CVE-2025-15443 – This SQL injection vulnerability in CRMEB allow... (How to Fix)

Q: What is the severity of CVE-2025-15443?

CVE-2025-15443 has a CVSS score of 4.7 (MEDIUM). This SQL injection vulnerability in CRMEB allows attackers to manipulate database queries through the cate_id parameter in the product export endpoint. It affects CRMEB installations up to version 5.6.1 and can be exploited remotely without authentication. Organizations using vulnerable CRMEB versions are at risk of data theft or manipulation.

📋 TL;DR

This SQL injection vulnerability in CRMEB allows attackers to manipulate database queries through the cate_id parameter in the product export endpoint. It affects CRMEB installations up to version 5.6.1 and can be exploited remotely without authentication. Organizations using vulnerable CRMEB versions are at risk of data theft or manipulation.

💻 Affected Systems

Products:

CRMEB

Versions: Up to and including 5.6.1

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the /adminapi/product/product_export endpoint. The vulnerability exists in how cate_id parameter is processed.

📦 What is this software?

Crmeb by Crmeb

View all CVEs affecting Crmeb →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data manipulation, or potential remote code execution through database functions.

🟠

Likely Case

Unauthorized data extraction from the database, potentially exposing sensitive customer information, product data, or administrative credentials.

🟢

If Mitigated

Limited impact with proper input validation and database permission restrictions, potentially only allowing data viewing from accessible tables.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public proof-of-concept available on GitHub. Remote exploitation possible without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Vendor did not respond to disclosure. Consider upgrading to latest version if available or implementing workarounds.

🔧 Temporary Workarounds

Input Validation Filter

all

Add input validation to sanitize cate_id parameter before processing

Modify /adminapi/product/product_export endpoint to validate cate_id as integer only

WAF Rule

all

Implement web application firewall rules to block SQL injection patterns

Add WAF rule: Detect and block SQL patterns in cate_id parameter

🧯 If You Can't Patch

Restrict access to /adminapi/product/product_export endpoint using network ACLs or authentication
Implement database user with minimal permissions (read-only for necessary tables)

🔍 How to Verify

Check if Vulnerable:

Test the /adminapi/product/product_export endpoint with SQL injection payloads in cate_id parameter

Check Version:

Check CRMEB version in system configuration or admin panel

Verify Fix Applied:

Verify that SQL injection payloads no longer execute and return error or sanitized response

📡 Detection & Monitoring

Log Indicators:

Unusual SQL queries in database logs
Multiple requests to /adminapi/product/product_export with unusual parameters

Network Indicators:

HTTP requests to vulnerable endpoint with SQL patterns in parameters

SIEM Query:

source="web_logs" AND uri="/adminapi/product/product_export" AND (param="cate_id" AND value MATCH "(?i)(union|select|insert|update|delete|drop|--|#|;)")

📊 Metadata

CVE ID: CVE-2025-15443

CVSS v3 Score: 4.7 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-74

EPSS Score: 0.03% exploit probability (8.1th percentile)

Published: January 4, 2026

Last Updated: January 14, 2026

🔗 References

https://github.com/En0t5/vul/blob/main/crmeb/crmeb-product-productExport-SQL.md Exploit,Third Party Advisory
https://github.com/En0t5/vul/blob/main/crmeb/crmeb-product-productExport-SQL.md#poc Exploit,Third Party Advisory
https://vuldb.com/?ctiid.339465 Permissions Required,VDB Entry
https://vuldb.com/?id.339465 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.721916 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-15443, you might also want to check these: