CVE-2025-25580

6.1 MEDIUM

📋 TL;DR

This SQL injection vulnerability in yimioa lets an attacker execute arbitrary SQL through the listNameBySql() method defined in the UserMapper.xml mapper file: caller-controlled input reaches the SQL text without parameterization. An attacker can read, modify or delete database contents. All yimioa versions before v2024.07.04 are affected.

💻 Affected Systems

Products:
  • yimioa
Versions: All versions before v2024.07.04
Operating Systems: All platforms running yimioa
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the default configuration of affected versions.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data theft, data destruction, or potential remote code execution if database functions allow it.

🟠

Likely Case

Unauthorized data access, data exfiltration, or privilege escalation within the application.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and database user privilege restrictions.

🌐 Internet-Facing: HIGH if the vulnerable endpoint is exposed to the internet without proper authentication.
🏢 Internal Only: MEDIUM as internal attackers could still exploit this to gain unauthorized access to sensitive data.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

SQL injection is typically easy to exploit with basic SQL knowledge. Exploiting this one requires reaching the application request handler that calls listNameBySql(); UserMapper.xml itself is a server-side mapper file, not a URL, so the attack travels through whatever route feeds that method its input.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2024.07.04

Vendor Advisory: https://gitee.com/r1bbit/yimioa/issues/IBI6XT

Restart Required: Yes

Instructions:

1. Download yimioa v2024.07.04 or later from the official source.
2. Back up the current installation and data.
3. Stop the yimioa service.
4. Replace the installation with the patched version.
5. Restart the yimioa service.
6. Verify functionality.

🔧 Temporary Workarounds

Input Validation Filter

Applies to: all

Add strict server-side validation of the value passed to listNameBySql(): allow only the character set a user name legitimately needs and reject everything else.

A blacklist of SQL keywords (SELECT, UNION, INSERT, UPDATE, DELETE, DROP, OR, AND, --, #, ;, ') is a weaker stopgap. It rejects legitimate values such as names containing an apostrophe or the word "or", and keyword filters are routinely bypassed with inline comments, alternative syntax and encoding tricks. Treat it as a delay, not a fix; only the patched, parameterized query closes the hole.

Web Application Firewall

Applies to: all

Deploy a WAF with SQL injection protection rules in front of yimioa.

Scope the rules to the application routes whose handlers call listNameBySql(). UserMapper.xml is a server-side mapper file, not an HTTP path, so a rule on /xml/UserMapper.xml would never see the attack. The vulnerable route is not named in the advisory; identify it from the application source or request logs before writing the rule.
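The following is an added example, not code from yimioa or from the advisory. It models the mechanism behind the TL;DR and the caveat on keyword filtering in the workaround above. UserMapper.xml follows the MyBatis mapper naming convention; in MyBatis, ${param} splices the raw string into the SQL text while #{param} binds it as a prepared-statement parameter. That listNameBySql() uses ${} is an assumption about the usual cause, not something the advisory states. The sqlite3 model below shows both behaviours side by side; the sys_user table, its rows and every function name are constructed for the demonstration.

```python
import re
import sqlite3

# Added example, not yimioa's code. Assumption: the injectable mapper uses
# ${name} (string splice); the fixed mapper uses #{name} (bound parameter).
# The table, rows and function names are constructed for the demonstration.


def make_db():
    """In-memory database standing in for the OA user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE sys_user (id INTEGER, username TEXT, password_hash TEXT)"
    )
    conn.executemany(
        "INSERT INTO sys_user VALUES (?, ?, ?)",
        [(1, "alice", "h1"), (2, "bob", "h2"), (3, "O'Brien", "h3")],
    )
    return conn


def list_name_by_sql_vulnerable(conn, name):
    """Models a mapper written with ${name}: the value becomes SQL syntax."""
    sql = f"SELECT username FROM sys_user WHERE username = '{name}'"
    return [row[0] for row in conn.execute(sql)]


def list_name_by_sql_safe(conn, name):
    """Models a mapper written with #{name}: the value is bound, never parsed."""
    sql = "SELECT username FROM sys_user WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


def vulnerable_breaks_on(conn, name):
    """True when the string-built query fails on a legitimate value (unescaped quote)."""
    try:
        list_name_by_sql_vulnerable(conn, name)
        return False
    except sqlite3.OperationalError:
        return True


# The keyword blacklist proposed as a workaround, written as a regex. It also
# rejects legitimate values that contain a quote or a short word such as "or".
KEYWORD_FILTER = re.compile(
    r"\b(SELECT|UNION|INSERT|UPDATE|DELETE|DROP|OR|AND)\b|--|#|;|'", re.IGNORECASE
)


def keyword_filter_rejects(value):
    return KEYWORD_FILTER.search(value) is not None


if __name__ == "__main__":
    db = make_db()
    tautology = "' OR '1'='1"
    union = "' UNION SELECT password_hash FROM sys_user--"
    print("vulnerable, tautology:", list_name_by_sql_vulnerable(db, tautology))
    print("vulnerable, UNION:    ", list_name_by_sql_vulnerable(db, union))
    print("safe, tautology:      ", list_name_by_sql_safe(db, tautology))
    print("safe, real name:      ", list_name_by_sql_safe(db, "O'Brien"))
    print("vulnerable on O'Brien raises:", vulnerable_breaks_on(db, "O'Brien"))
    print("filter rejects O'Brien:", keyword_filter_rejects("O'Brien"))
```

The tautology payload returns every row from the string-built query and nothing from the bound one; the UNION payload pulls the password_hash column through the same hole. The real name O'Brien, which the keyword filter would block, is handled correctly only by the bound query, which is the practical reason the parameterized fix is the real remedy and the blacklist is not.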

🧯 If You Can't Patch

  • Implement network segmentation to restrict access to the vulnerable endpoint
  • Enable detailed logging and monitoring for SQL injection attempts

🔍 How to Verify

Check if Vulnerable:

Check the yimioa version. If it is earlier than v2024.07.04, the system is vulnerable.

Check Version:

Check the yimioa configuration files or the application's interface for version information.

Verify Fix Applied:

Confirm the running version is v2024.07.04 or later. Then, in a test environment, send the parameter consumed by listNameBySql() a probe such as a lone single quote or ' OR '1'='1 and check that the response is unchanged or a clean validation error, not a database error or an enlarged result set.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Multiple failed authentication attempts
  • Requests to the route that calls listNameBySql() whose parameters contain SQL keywords, quote characters or comment sequences (UserMapper.xml itself is never a request path)

Network Indicators:

  • Unusual database connection patterns
  • Large data transfers from database server

SIEM Query:

source="yimioa" AND ("listNameBySql" OR "UserMapper") AND ("UNION" OR "SELECT" OR "INSERT" OR "--" OR "' OR" OR "information_schema")

This is a starting point in Splunk-style syntax. The terms listNameBySql and UserMapper only match if the application logs executed SQL or stack traces, so tune the query to the fields your logging actually emits: request URI and parameters for web-server logs, statement text for SQL logs.
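As an added example, not part of the advisory or of yimioa, the following script applies the log indicators above to web-server access-log lines, which is where an attack on listNameBySql() is first visible. The route /user/listName is a placeholder, since the advisory does not name the real handler, and the log lines are constructed; the patterns are ordinary SQL injection indicators, not signatures published for this CVE.

```python
import re
from urllib.parse import unquote_plus

# Added example, not from the page or from yimioa. Scans Common Log Format
# lines for request parameters carrying SQL injection indicators. The route
# /user/listName is a placeholder (the real handler is not named) and every
# log line below is constructed.

SQLI_PATTERNS = [
    re.compile(p, re.IGNORECASE)
    for p in (
        r"\bunion\b[\s/*]+(all[\s/*]+)?select\b",      # UNION [ALL] SELECT, also with /**/ gaps
        r"'\s*(or|and)\s*'?\d",                        # ' OR '1  /  ' OR 1
        r"'\s*(or|and)\s+[\w']+\s*=\s*[\w']+",        # ' OR 'a'='a
        r"--(\s|$)|#\s*$|/\*",                         # comment terminators
        r"\b(sleep|benchmark|pg_sleep|waitfor)\s*\(",  # time-based probes
        r"\binformation_schema\b",
    )
]

# client ident user [timestamp] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def decode_query(target):
    """Split path from query string and undo up to two layers of URL encoding."""
    path, _, query = target.partition("?")
    for _ in range(2):
        decoded = unquote_plus(query)
        if decoded == query:
            break
        query = decoded
    return path, query


def flag_line(line):
    """Return a hit record for a suspicious request, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path, query = decode_query(m.group("target"))
    for pat in SQLI_PATTERNS:
        if pat.search(query):
            return {"ip": m.group("ip"), "ts": m.group("ts"), "path": path,
                    "query": query, "rule": pat.pattern}
    return None


def scan(lines):
    return [hit for hit in map(flag_line, lines) if hit]


# Constructed sample: two benign requests (one with a real apostrophe), then
# a tautology, a UNION read of the hash column and a time-based probe.
SAMPLE_LOG = """\
10.0.0.5 - - [07/Mar/2025:10:01:02 +0000] "GET /user/listName?name=alice HTTP/1.1" 200 512
10.0.0.5 - - [07/Mar/2025:10:01:09 +0000] "GET /user/listName?name=O%27Brien HTTP/1.1" 200 498
203.0.113.9 - - [07/Mar/2025:10:02:11 +0000] "GET /user/listName?name=%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9811
203.0.113.9 - - [07/Mar/2025:10:02:15 +0000] "GET /user/listName?name=x%27%20UNION%20SELECT%20password_hash%20FROM%20sys_user--%20 HTTP/1.1" 200 7320
203.0.113.9 - - [07/Mar/2025:10:02:20 +0000] "GET /user/listName?name=x%27%20AND%20SLEEP(5)--%20 HTTP/1.1" 200 300
"""

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG.splitlines()):
        print(f"{hit['ts']} {hit['ip']} {hit['path']} rule={hit['rule']!r} query={hit['query']!r}")
```

Decoding the query string before matching matters: the payloads arrive percent-encoded, and a rule applied to the raw URI would miss them. The apostrophe in O'Brien is deliberately not flagged, which is the difference between these indicators and the keyword blacklist discussed under workarounds.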
