Login Sign Up

CVE-2025-34241

6.5 MEDIUM
SQL Injection

📋 TL;DR

Advantech WebAccess/VPN versions before 1.1.5 contain a SQL injection vulnerability in the AjaxDeviceController.ajaxDeviceAction() function. Authenticated low-privileged users can exploit this via datatable search parameters to extract database information. This affects organizations using vulnerable Advantech VPN portal installations.

💻 Affected Systems

Products:
  • Advantech WebAccess/VPN
Versions: All versions prior to 1.1.5
Operating Systems: Not specified, likely multiple
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access, but low-privileged observer accounts can exploit.

📦 What is this software?

Webaccess\/vpn by Advantech

View all CVEs affecting Webaccess\/vpn →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including sensitive configuration data, user credentials, and potentially lateral movement to other systems.

🟠

Likely Case

Disclosure of database contents including user information, device configurations, and potentially authentication data.

🟢

If Mitigated

Limited data exposure if database permissions are properly restricted and input validation is enforced elsewhere.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but uses common SQL injection techniques via search parameters.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.1.5

Vendor Advisory: https://icr.advantech.com/support/router-models/download/511/sa-2025-01-vpn-portal-2025-11-06.pdf

Restart Required: Yes

Instructions:

1. Download version 1.1.5 from Advantech's website. 2. Backup current configuration. 3. Apply the update following vendor instructions. 4. Restart the service/application.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement web application firewall or input validation to block SQL injection patterns in search parameters.

Database Permission Restriction

all

Limit database user permissions to read-only for application accounts where possible.

🧯 If You Can't Patch

  • Implement network segmentation to isolate the VPN portal from sensitive databases.
  • Monitor and audit database queries from the application for suspicious patterns.

🔍 How to Verify

Check if Vulnerable:

Check Advantech WebAccess/VPN version in administration interface. If version is below 1.1.5, system is vulnerable.

Check Version:

Check via Advantech administration web interface or consult vendor documentation.

Verify Fix Applied:

Verify version is 1.1.5 or higher in administration interface and test search functionality with SQL injection attempts.

📡 Detection & Monitoring

Log Indicators:

  • Unusual database query patterns from AjaxDeviceController
  • Multiple failed SQL injection attempts in web logs
  • Unexpected database access from application user

Network Indicators:

  • SQL error messages in HTTP responses
  • Unusual database connection patterns

SIEM Query:

web_logs WHERE url CONTAINS 'AjaxDeviceController' AND (query CONTAINS 'SELECT' OR query CONTAINS 'UNION' OR query CONTAINS 'OR 1=1')

📊 Metadata

CVE ID: CVE-2025-34241
CVSS v3 Score: 6.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-89
EPSS Score: 0.04% exploit probability (10.5th percentile)
Published: November 6, 2025
Last Updated: November 28, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-34241, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)