CVE-2025-44034

8.0 HIGH

📋 TL;DR

This SQL injection vulnerability in oa_system oasys v1.1 allows remote attackers to execute arbitrary SQL commands via the alph parameters in the AddrController. This could lead to data theft, data manipulation, or complete system compromise. Organizations using oasys v1.1 are affected.

💻 Affected Systems

Products:
  • oa_system oasys
Versions: v1.1
Operating Systems: Any
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation of oasys v1.1.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data exfiltration, privilege escalation, and remote code execution on the underlying server.

🟠 Likely Case

Unauthorized data access and manipulation, potentially exposing sensitive information and disrupting business operations.

🟢 If Mitigated

Limited impact with proper input validation and parameterized queries preventing SQL injection.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities are commonly exploited and public proof-of-concept exists.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

No official patch available. Implement workarounds or upgrade to a secure version if available.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation and sanitization for alph parameters in AddrController.

Web Application Firewall (WAF)

all

Deploy a WAF with SQL injection protection rules to block malicious requests.

🧯 If You Can't Patch

  • Isolate the affected system from critical networks and databases.
  • Implement network segmentation and restrict access to the vulnerable endpoint.

🔍 How to Verify

Check if Vulnerable:

Test the alph parameter in AddrController for SQL injection using tools like sqlmap or manual testing.

Check Version:

Check the application version in the system configuration or documentation.

Verify Fix Applied:

Verify that input validation and parameterized queries are implemented and test for SQL injection.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Multiple failed login attempts or parameter manipulation

Network Indicators:

  • Suspicious HTTP requests to AddrController with SQL payloads in parameters

SIEM Query:

source="application_logs" AND (message="*SQL*" OR message="*alph*" AND message="*injection*")
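
The network indicator above can also be checked offline against web access logs. The following is an added example, not code from oasys or from this advisory: it flags any request whose alph query parameter falls outside a strict allowlist. The log format, the request paths in the sample lines, and the allowlist pattern (short alphabetic values) are assumptions to adapt to your deployment.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Assumption: legitimate alph values are short alphabetic tokens.
ALLOWED_ALPH = re.compile(r"[A-Za-z]{1,8}")
# Request line as it appears in a combined-format access log (assumed format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample lines; the paths are placeholders, not real oasys routes.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET /placeholder/addr?alph=B HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2025:10:00:05 +0000] "GET /placeholder/addr?alph=A%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9841',
    '203.0.113.9 - - [01/Jan/2025:10:00:09 +0000] "GET /placeholder/addr?alph=A%2527-- HTTP/1.1" 500 120',
    '198.51.100.4 - - [01/Jan/2025:10:01:00 +0000] "GET /placeholder/other?page=2 HTTP/1.1" 200 300',
]


def decode_fully(value, max_rounds=3):
    """Undo repeated URL-encoding so double-encoded input cannot hide."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_alph_requests(log_lines):
    """Return (line_number, decoded_value) for alph values outside the allowlist."""
    findings = []
    for lineno, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group("target")).query
        # parse_qsl decodes once; decode_fully handles any further layers.
        for name, value in parse_qsl(query, keep_blank_values=True):
            if name == "alph":
                value = decode_fully(value)
                if not ALLOWED_ALPH.fullmatch(value):
                    findings.append((lineno, value))
    return findings


if __name__ == "__main__":
    for lineno, value in suspicious_alph_requests(SAMPLE_LOG):
        print(f"line {lineno}: unexpected alph value {value!r}")
```

Access logs record only the query string, so requests that carry alph in a POST body need the same check applied at the application or WAF layer.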
