CVE-2025-2113

7.3 HIGH

📋 TL;DR

This critical SQL injection vulnerability in AT Software Solutions ATSVD allows attackers to execute arbitrary SQL commands through the 'Esqueceu a senha' (forgot password) component by manipulating the txtCPF parameter. Organizations using ATSVD versions up to 3.4.1 are affected, potentially exposing sensitive database information. Remote exploitation is possible without authentication.

💻 Affected Systems

Products:
  • AT Software Solutions ATSVD
Versions: Up to and including version 3.4.1
Operating Systems: Not specified - likely cross-platform
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the 'Esqueceu a senha' (forgot password) functionality specifically through txtCPF parameter manipulation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data exfiltration, privilege escalation, and potential remote code execution on the database server.

🟠 Likely Case

Unauthorized access to sensitive user data, password hashes, and potential authentication bypass.

🟢 If Mitigated

Limited impact with proper input validation and database permissions restricting damage to non-sensitive data.

🌐 Internet-Facing: HIGH - Remote exploitation without authentication makes internet-facing instances particularly vulnerable.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit has been publicly disclosed and may be used. SQL injection through parameter manipulation is typically straightforward to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.4.2

Vendor Advisory: Not provided in references

Restart Required: No

Instructions:

1. Download ATSVD version 3.4.2 from official vendor sources.
2. Back up the current installation and database.
3. Apply the update following vendor documentation.
4. Verify that the 'Esqueceu a senha' functionality works correctly.

🔧 Temporary Workarounds

Input Validation Filter (Platform: all)

Implement server-side input validation to restrict the txtCPF parameter to the expected format (CPF numbers only).
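The following is an added illustration of that workaround, not ATSVD's own code: the txtCPF value is whitelist-checked against the CPF shape and its mod-11 check digits before it is used at all, and the lookup that follows binds the value as a query parameter rather than concatenating it. The table name, column names and in-memory SQLite database are constructed for the example and are not the product's real schema.

```python
import re
import sqlite3
from typing import Optional

# Accept only the two canonical spellings of a CPF: 11 bare digits, or ddd.ddd.ddd-dd.
# Anything else (quotes, spaces, keywords) is rejected before it gets near a query.
_CPF_SHAPE = re.compile(r"^(?:\d{11}|\d{3}\.\d{3}\.\d{3}-\d{2})$")


def _check_digit(prefix: str) -> int:
    """Mod-11 check digit over a prefix (9 digits for the first digit, 10 for the second)."""
    weights = range(len(prefix) + 1, 1, -1)          # 10..2 or 11..2
    total = sum(int(d) * w for d, w in zip(prefix, weights))
    rem = total % 11
    return 0 if rem < 2 else 11 - rem


def normalize_cpf(raw: str) -> Optional[str]:
    """Return the 11-digit CPF if `raw` is well-formed and its check digits verify, else None."""
    if not _CPF_SHAPE.match(raw):
        return None
    digits = re.sub(r"\D", "", raw)
    if len(set(digits)) == 1:
        # 000.000.000-00 and friends satisfy the arithmetic but are not real CPFs
        return None
    if int(digits[9]) != _check_digit(digits[:9]):
        return None
    if int(digits[10]) != _check_digit(digits[:10]):
        return None
    return digits


def _demo_db() -> sqlite3.Connection:
    """Constructed stand-in for the application's user table (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE usuarios (cpf TEXT PRIMARY KEY, email TEXT)")
    conn.execute("INSERT INTO usuarios VALUES ('11144477735', 'maria@example.invalid')")
    return conn


def lookup_reset_email(conn: sqlite3.Connection, txt_cpf: str) -> Optional[str]:
    """Hardened 'forgot password' lookup: validate first, then bind the value as a parameter."""
    cpf = normalize_cpf(txt_cpf)
    if cpf is None:
        return None                                  # rejected without touching the database
    row = conn.execute("SELECT email FROM usuarios WHERE cpf = ?", (cpf,)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    conn = _demo_db()
    print(lookup_reset_email(conn, "111.444.777-35"))   # maria@example.invalid
    print(lookup_reset_email(conn, "11144477736"))      # None: check digit does not verify
    print(lookup_reset_email(conn, "11144477735'"))     # None: fails the shape check
```

The shape check and the parameterized query are independent layers: the regex keeps malformed values out of the application entirely (and gives you a clean 400 to log on), while parameter binding ensures that even a value which slips past validation is treated as data by the database driver.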

WAF Rule (Platform: all)

Deploy web application firewall rules to block SQL injection patterns targeting the forgot password endpoint.

🧯 If You Can't Patch

  • Disable the 'Esqueceu a senha' functionality entirely if not required
  • Implement network segmentation to restrict access to ATSVD instances

🔍 How to Verify

Check if Vulnerable:

Check the ATSVD version in the admin interface or configuration files. If the version is 3.4.1 or earlier, the system is vulnerable.

Check Version:

Check the application configuration or admin panel for version information.

Verify Fix Applied:

Confirm that the version is 3.4.2 or later. Test the forgot password functionality with various inputs to ensure that input validation is enforced.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed password reset attempts with unusual parameter values
  • Database queries with unexpected syntax from application

Network Indicators:

  • HTTP requests to forgot password endpoint with SQL injection patterns in parameters
  • Unusual database traffic patterns from application server

SIEM Query:

source="application_logs" AND ("sql error" OR "syntax error" OR "unclosed quotation") AND uri="*/esqueceu-senha*"
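As an added example (not part of the original advisory), the same logic as the SIEM query above, plus the "multiple failed password reset attempts" indicator from the log-indicator list, run over a handful of constructed application log lines. The JSON field names (`src_ip`, `uri`, `status`, `msg`) and the `/atsvd/esqueceu-senha` path are assumptions for the example, not ATSVD's real log format; adapt the field mapping to whatever the application actually emits.

```python
import fnmatch
import json
from collections import Counter
from typing import Dict, List

# Constructed sample log records, one JSON object per line (not real ATSVD output).
SAMPLE_LOGS = """
{"ts":"2025-03-07T10:01:02Z","src_ip":"203.0.113.10","uri":"/atsvd/esqueceu-senha","status":200,"msg":"reset mail sent"}
{"ts":"2025-03-07T10:01:09Z","src_ip":"203.0.113.10","uri":"/atsvd/esqueceu-senha","status":500,"msg":"SQL error: unclosed quotation mark after the character string"}
{"ts":"2025-03-07T10:01:11Z","src_ip":"203.0.113.10","uri":"/atsvd/esqueceu-senha","status":500,"msg":"Syntax error in query"}
{"ts":"2025-03-07T10:01:15Z","src_ip":"203.0.113.10","uri":"/atsvd/esqueceu-senha","status":400,"msg":"txtCPF rejected: not a CPF"}
{"ts":"2025-03-07T10:02:00Z","src_ip":"198.51.100.7","uri":"/atsvd/login","status":500,"msg":"SQL error: timeout"}
{"ts":"2025-03-07T10:03:30Z","src_ip":"198.51.100.7","uri":"/atsvd/esqueceu-senha","status":200,"msg":"reset mail sent"}
""".strip()

# Same terms and URI glob as the SIEM query in the advisory.
ERROR_TERMS = ("sql error", "syntax error", "unclosed quotation")
URI_PATTERN = "*/esqueceu-senha*"


def parse_logs(text: str) -> List[dict]:
    """Parse one JSON record per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def _on_reset_endpoint(record: dict) -> bool:
    # fnmatchcase keeps the glob case-sensitive on every platform
    return fnmatch.fnmatchcase(record.get("uri", ""), URI_PATTERN)


def sql_error_hits(records: List[dict]) -> List[dict]:
    """Records that hit the forgot-password URI and carry an SQL error phrase (the SIEM query)."""
    hits = []
    for r in records:
        msg = r.get("msg", "").lower()
        if _on_reset_endpoint(r) and any(term in msg for term in ERROR_TERMS):
            hits.append(r)
    return hits


def failed_reset_sources(records: List[dict], threshold: int = 3) -> Dict[str, int]:
    """Source IPs with at least `threshold` non-success responses on the reset endpoint."""
    counts = Counter(
        r["src_ip"] for r in records
        if _on_reset_endpoint(r) and int(r.get("status", 0)) >= 400
    )
    return {ip: n for ip, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    records = parse_logs(SAMPLE_LOGS)
    for hit in sql_error_hits(records):
        print("SQL error on reset endpoint:", hit["ts"], hit["src_ip"], hit["msg"])
    print("bursty failed resets:", failed_reset_sources(records))
```

The SQL error on `/atsvd/login` is deliberately not matched: the URI filter is what ties the alert to this CVE's component, and dropping it turns the rule into a generic (and far noisier) database-error alert. The burst counter keys on the client address; in a deployment behind a reverse proxy, make sure the logged address is the original client and not the proxy.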
