CVE-2025-29153

5.4 MEDIUM

📋 TL;DR

An SQL injection vulnerability in lemeconsultoria HCM galera.app version 4.58.0 allows attackers to execute arbitrary SQL commands through the Data export and filters functions. This could lead to unauthorized data access, modification, or deletion. Organizations using this specific version of the HCM software are affected.

💻 Affected Systems

Products:
  • lemeconsultoria HCM galera.app
Versions: v.4.58.0
Operating Systems: All platforms running the application
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the Data export and filters functions specifically.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise including data exfiltration, privilege escalation, and potential remote code execution if database functions allow it.

🟠 Likely Case: Unauthorized access to sensitive HR data (employee records, salaries, personal information) and potential data manipulation.

🟢 If Mitigated: Limited impact with proper input validation and database permissions restricting damage to non-critical data.

🌐 Internet-Facing: HIGH if the application is exposed to the internet, as SQL injection can be exploited remotely.
🏢 Internal Only: MEDIUM as internal attackers or compromised accounts could still exploit the vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Proof of concept is publicly available, making exploitation straightforward for attackers with access to vulnerable functions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

Check the vendor website for security updates. If a patch is available, follow the vendor's installation instructions. Otherwise, implement the workarounds below.

🔧 Temporary Workarounds

Input Validation and Sanitization (applies to: all platforms)

Implement server-side input validation and parameterized queries for all Data export and filter functions. Use prepared statements with parameterized queries in the application code.

Web Application Firewall Rules (applies to: all platforms)

Deploy WAF rules to block SQL injection patterns targeting the export and filter endpoints. Configure the WAF to detect and block SQL injection patterns in POST/GET parameters.
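The following is an added example (not galera.app code; the `employees` table, its columns and the sample rows are constructed) showing the difference the workaround above makes. The "before" function splices the filter value into the SQL string, so the page's test payload `' OR '1'='1` widens the result set; the hardened version binds the value as a parameter and the same input simply matches nothing. Because identifiers such as a caller-chosen sort column cannot be bound as parameters, the export function validates them against an allowlist instead.

```python
"""Vulnerable vs. parameterized filter/export queries (added example, not galera.app code)."""
import sqlite3

# Constructed sample data; table and column names are assumptions, not galera.app's schema.
SAMPLE_EMPLOYEES = [
    (1, "alice", "finance", 90000),
    (2, "bob", "finance", 85000),
    (3, "carol", "engineering", 120000),
]

# Allowlist for the export "sort by" option: identifiers cannot be bound as
# parameters, so they are validated against a fixed set instead of being interpolated freely.
EXPORTABLE_COLUMNS = {"id", "name", "department", "salary"}


def make_db():
    """Build an in-memory SQLite database with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employees (id INTEGER, name TEXT, department TEXT, salary INTEGER)")
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?, ?)", SAMPLE_EMPLOYEES)
    return conn


def filter_vulnerable(conn, department):
    """The 'before' pattern: user input is concatenated into the SQL text."""
    sql = "SELECT name FROM employees WHERE department = '" + department + "'"
    return [row[0] for row in conn.execute(sql)]


def filter_hardened(conn, department):
    """Same query with a bound parameter; the driver never parses the input as SQL."""
    sql = "SELECT name FROM employees WHERE department = ?"
    return [row[0] for row in conn.execute(sql, (department,))]


def export_hardened(conn, department, sort_by="name"):
    """Export with a caller-chosen sort column: identifier allowlisted, value bound."""
    if sort_by not in EXPORTABLE_COLUMNS:
        raise ValueError(f"unsupported sort column: {sort_by!r}")
    sql = (
        "SELECT id, name, department, salary FROM employees "
        f"WHERE department = ? ORDER BY {sort_by}"
    )
    return conn.execute(sql, (department,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    payload = "finance' OR '1'='1"
    print("vulnerable:", filter_vulnerable(db, payload))  # every employee leaks
    print("hardened:  ", filter_hardened(db, payload))    # no rows, input treated literally
    print("export:    ", export_hardened(db, "finance", sort_by="salary"))
```

Running the block shows the vulnerable filter returning all three names for the payload while the hardened filter returns none; the export function accepts `salary` as a sort column and rejects anything outside the allowlist with a `ValueError`.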

🧯 If You Can't Patch

  • Disable Data export and filter functions if not essential for business operations
  • Implement strict network segmentation to limit access to the application database

🔍 How to Verify

Check if Vulnerable:

Test Data export and filter functions with SQL injection payloads (e.g., ' OR '1'='1) and observe if database errors or unexpected results occur.

Check Version:

Check application version in admin panel or configuration files; should show v.4.58.0 if vulnerable.

Verify Fix Applied:

Retest with the same SQL injection payloads after implementing the fixes; the payloads should be rejected or treated as literal values, with no database errors.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts or parameter manipulation in application logs
  • Errors containing SQL syntax in web server logs

Network Indicators:

  • Unusual outbound database connections from application server
  • Large data transfers following parameter manipulation requests

SIEM Query:

source="web_logs" AND (url="*/export*" OR url="*/filter*") AND (param="*' OR*" OR param="*;--*" OR param="*UNION*" OR status=500)
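The SIEM query above is written in a generic search syntax. As an added example (not part of the advisory, and independent of any particular SIEM product), the block below applies the same three conditions to constructed access-log lines: the request path must hit an export or filter endpoint, and either the decoded query string contains one of the listed injection fragments or the server answered 500. The log format, IPs and paths are made up for the example.

```python
"""Detection of the SIEM-query indicators over constructed web-log lines (added example)."""
import re
from urllib.parse import unquote_plus, urlsplit

# Constructed log lines in a common access-log shape; clients, paths and parameters are invented.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2025:10:00:01 +0000] "GET /hcm/filter?department=finance HTTP/1.1" 200 512
10.0.0.7 - - [01/Jan/2025:10:00:02 +0000] "GET /hcm/filter?department=finance%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 8192
10.0.0.7 - - [01/Jan/2025:10:00:03 +0000] "GET /hcm/export?q=1%20UNION%20SELECT%201 HTTP/1.1" 500 221
10.0.0.9 - - [01/Jan/2025:10:00:04 +0000] "GET /hcm/login?user=bob HTTP/1.1" 200 301
10.0.0.9 - - [01/Jan/2025:10:00:05 +0000] "GET /hcm/export?format=csv HTTP/1.1" 500 180
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) (?P<size>\d+)$'
)

# Mirrors the SIEM query: url="*/export*" OR url="*/filter*"
TARGET_PATHS = ("/export", "/filter")
# Mirrors param="*' OR*" OR param="*;--*" OR param="*UNION*" (compared case-insensitively)
PAYLOAD_PATTERNS = ("' OR", ";--", "UNION")


def parse_line(line):
    """Split one access-log line into ip, path, URL-decoded query string and status."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    return {
        "ip": m.group("ip"),
        "path": parts.path,
        "query": unquote_plus(parts.query),  # decode before matching, as a WAF or SIEM would
        "status": int(m.group("status")),
    }


def is_suspicious(entry):
    """Apply the SIEM query's conditions to one parsed entry."""
    if not any(p in entry["path"] for p in TARGET_PATHS):
        return False
    query_upper = entry["query"].upper()
    payload_hit = any(p in query_upper for p in PAYLOAD_PATTERNS)
    return payload_hit or entry["status"] == 500


def scan(log_text):
    """Return (ip, path, status) for every line the query would surface."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry and is_suspicious(entry):
            hits.append((entry["ip"], entry["path"], entry["status"]))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Note that the `status=500` branch fires on the plain `format=csv` export as well: a 500 on these endpoints is worth a look, but on its own it is a noisy indicator, so treat the payload-fragment matches as the higher-confidence signal and correlate the rest with the database-log indicators listed above.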
