CVE-2025-25994

7.5 HIGH

📋 TL;DR

This SQL injection vulnerability in FeMiner wms 1.0 allows remote attackers to execute arbitrary SQL commands through the date1, date2, and id parameters. Attackers can potentially access, modify, or delete database contents. All users running FeMiner wms 1.0 are affected.

💻 Affected Systems

Products:
  • FeMiner wms
Versions: 1.0
Operating Systems: All platforms running FeMiner wms
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of FeMiner wms 1.0 are vulnerable by default. The vulnerability exists in the application code itself.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data theft, data destruction, and potential remote code execution if database functions allow it.

🟠

Likely Case

Unauthorized access to sensitive information stored in the database, potentially including user credentials, personal data, or business information.

🟢

If Mitigated

Limited information disclosure if proper input validation and parameterized queries are implemented.

🌐 Internet-Facing: HIGH - Remote attackers can exploit this without authentication if the application is internet-facing.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires understanding of SQL injection techniques and the application's database schema. The specific parameters (date1, date2, id) are identified as vulnerable vectors.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check GitHub issue for latest patched version

Vendor Advisory: https://github.com/FeMiner/wms/issues/20

Restart Required: No

Instructions:

1. Check the GitHub issue for available patches or updates.
2. Apply the patch that implements proper input validation and parameterized queries.
3. Test the application functionality after patching.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement server-side input validation for date1, date2, and id parameters to reject malicious input

Web Application Firewall Rules

all

Deploy WAF rules to block SQL injection patterns targeting the vulnerable parameters

🧯 If You Can't Patch

  • Implement network segmentation to restrict access to the vulnerable application
  • Deploy a web application firewall with SQL injection detection rules

🔍 How to Verify

Check if Vulnerable:

Test the date1, date2, and id parameters with SQL injection payloads like ' OR '1'='1

Check Version:

Check application version in admin interface or configuration files

Verify Fix Applied:

Retest with SQL injection payloads after patching to ensure they are properly sanitized or rejected

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed login attempts or parameter manipulation

Network Indicators:

  • HTTP requests containing SQL keywords in date1, date2, or id parameters
  • Unusual database query patterns

SIEM Query:

(web.url:*date1=* OR web.url:*date2=* OR web.url:*id=*) AND (web.url:*SELECT* OR web.url:*UNION* OR web.url:*OR*)
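The keyword match above also fires on benign URLs that merely contain "OR". As an added example (not part of the original advisory or the FeMiner code base), the Python sketch below flags access-log requests whose date1, date2 or id value falls outside an expected format, which is the same allow-list check the input validation workaround calls for. The YYYY-MM-DD date format, the numeric id, the script paths and the log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumed formats (not stated in the advisory): ISO dates and a numeric id.
EXPECTED = {
    "date1": re.compile(r"\d{4}-\d{2}-\d{2}"),
    "date2": re.compile(r"\d{4}-\d{2}-\d{2}"),
    "id": re.compile(r"\d{1,10}"),
}

# Request field of a common/combined format access log line.
REQUEST_RE = re.compile(r'"(?:GET|POST|PUT|DELETE|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_params(target):
    """Return [(name, decoded_value)] for watched parameters that fail their format."""
    hits = []
    # parse_qsl URL-decodes, so %27 and + are checked in decoded form.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        pattern = EXPECTED.get(name)
        if pattern is not None and not pattern.fullmatch(value):
            hits.append((name, value))
    return hits


def scan_log(lines):
    """Return [(line_number, client_ip, hits)] for lines with out-of-format values."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        hits = suspicious_params(match.group(1))
        if hits:
            findings.append((number, line.split(" ", 1)[0], hits))
    return findings


# Constructed sample lines: hypothetical paths, documentation IP ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Mar/2025:10:00:01 +0000] "GET /report.php?date1=2025-01-01&date2=2025-01-31 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Mar/2025:10:00:05 +0000] "GET /report.php?date1=2025-01-01%27%20OR%20%271%27%3D%271&date2=2025-01-31 HTTP/1.1" 500 87',
    '192.0.2.10 - - [01/Mar/2025:10:00:09 +0000] "GET /item.php?id=42 HTTP/1.1" 200 300',
    '198.51.100.7 - - [01/Mar/2025:10:00:12 +0000] "GET /item.php?id=42+UNION+SELECT+1 HTTP/1.1" 200 300',
    '192.0.2.10 - - [01/Mar/2025:10:00:15 +0000] "GET /item.php?id=7&category=MONITORS HTTP/1.1" 200 120',
]

if __name__ == "__main__":
    for number, client, hits in scan_log(SAMPLE_LOG):
        print(f"line {number} from {client}: {hits}")
```

Only query-string parameters appear in access logs; values sent in a POST body need the same check at the application or WAF layer.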
