Platform: other
Component: sat-cfdi
Fixed in: 3.3.1
CVE-2018-25202 describes a SQL Injection vulnerability discovered in SAT CFDI version 3.3. This flaw allows attackers to manipulate database queries by injecting malicious SQL code through the 'id' parameter within the signIn endpoint. Successful exploitation could lead to unauthorized data access and potential compromise of the application, impacting organizations utilizing SAT CFDI 3.3. A fix is available; upgrading is the recommended remediation.
The SQL Injection vulnerability in SAT CFDI 3.3 presents a significant risk. An attacker can leverage this flaw to bypass authentication mechanisms and gain unauthorized access to the underlying database. This could involve extracting sensitive user data, financial records, or other confidential information stored within the database. Furthermore, an attacker might be able to modify data, potentially disrupting business operations or causing financial loss. The potential blast radius extends to any system or service that relies on the compromised SAT CFDI instance. While no specific precedent for this flaw is cited, SQL Injection is a frequently exploited vulnerability class, and this issue resembles other database-centric attacks.
CVE-2018-25202 was publicly disclosed on 2026-03-26. The vulnerability's severity is rated HIGH with a CVSS score of 8.2. There is no indication of this vulnerability being actively exploited in the wild or listed on CISA KEV. Public proof-of-concept exploits are not widely available, but the nature of SQL Injection vulnerabilities makes it likely that such exploits could emerge.
Exploit Status
EPSS: 0.04% (13th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2018-25202 is to upgrade to a patched version of SAT CFDI. If upgrading immediately is not feasible, implement temporary workarounds. Deploy a Web Application Firewall (WAF) with rules specifically designed to detect and block SQL Injection attempts targeting the signIn endpoint. Carefully review and sanitize all user inputs, particularly the 'id' parameter, to prevent malicious code from being injected. Consider implementing input validation and parameterized queries to further reduce the attack surface. Monitor application logs for suspicious SQL queries or error messages that might indicate an attempted exploitation. After upgrading, confirm the vulnerability is resolved by testing the signIn endpoint's 'id' parameter with SQL injection test inputs and verifying that they are rejected.
Update to a patched version of SAT CFDI (3.3.1, per the "Fixed in" field above) that resolves the SQL Injection vulnerability. Contact the vendor (Wecodex) for the updated version or follow their security recommendations.
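As an added illustration (not the project's code; the users table, the signIn lookup logic and the log lines are all constructed), a Python sketch of the mitigations described above: a signIn lookup that splices the 'id' parameter into the query text, its validated and parameterized counterpart, and a log check that flags signIn requests whose 'id' value is not a plain integer.

```python
import re
import sqlite3

# Constructed in-memory users table standing in for the application's database.
conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
conn.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])

ID_PATTERN = re.compile(r"[0-9]{1,10}")  # an 'id' is a plain integer, nothing else


def sign_in_vulnerable(id_param):
    """Hypothetical flawed lookup: the 'id' value is spliced into the SQL text,
    so a crafted value changes the query instead of being compared as data."""
    sql = "SELECT id, name FROM users WHERE id = '" + id_param + "'"
    return conn.execute(sql).fetchall()


def sign_in_fixed(id_param):
    """Hardened lookup: reject anything that is not an integer, then bind the
    value as a query parameter so the database never parses it as SQL."""
    if not ID_PATTERN.fullmatch(id_param):
        raise ValueError("invalid id parameter")
    return conn.execute("SELECT id, name FROM users WHERE id = ?",
                        (int(id_param),)).fetchall()


def suspicious_signin_requests(log_lines):
    """Detection: return access-log lines whose signIn 'id' parameter is not a
    plain integer, a cheap signal of probing while the upgrade is pending."""
    hits = []
    for line in log_lines:
        m = re.search(r"/signIn\?[^ ]*\bid=([^& ]*)", line)
        if m and not ID_PATTERN.fullmatch(m.group(1)):
            hits.append(line)
    return hits


# Constructed sample access-log lines (RFC 5737 documentation addresses).
SAMPLE_LOG = [
    '203.0.113.5 - - "GET /signIn?id=1 HTTP/1.1" 200',
    '198.51.100.7 - - "GET /signIn?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200',
    '203.0.113.9 - - "GET /signIn?user=2&id=2 HTTP/1.1" 200',
]

if __name__ == "__main__":
    print(sign_in_vulnerable("1' OR '1'='1"))  # two rows: the tautology matches everyone
    print(sign_in_fixed("1"))                 # [(1, 'alice')]
    print(suspicious_signin_requests(SAMPLE_LOG))  # only the second, encoded line
```

The same integer check that guards the query doubles as the log filter, so the two stay consistent.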
CVE-2018-25202 is a SQL Injection vulnerability affecting SAT CFDI version 3.3, allowing attackers to inject SQL code via the 'id' parameter in the signIn endpoint to potentially extract sensitive data.
If you are using SAT CFDI version 3.3, you are potentially affected by this vulnerability. Upgrade to a patched version as soon as possible.
The recommended fix is to upgrade to a patched version of SAT CFDI. As a temporary workaround, implement WAF rules and input validation.
There is currently no public evidence of CVE-2018-25202 being actively exploited, but the vulnerability's nature makes it a potential target.
Refer to the SAT CFDI vendor's official security advisory for detailed information and remediation steps related to CVE-2018-25202.