Platform: php
Component: neuron-core/neuron-ai
Fixed in: 2.8.13, 2.8.12
CVE-2025-67509 is a Remote Code Execution (RCE) vulnerability affecting versions of neuron-core/neuron-ai up to and including 2.8.9. This vulnerability allows attackers to potentially write arbitrary files to the database server, leading to complete system compromise. A fix is available in version 2.8.12, and users are strongly advised to upgrade immediately.
The MySQLSelectTool component, designed for read-only SQL queries, suffers from inadequate input validation. While intended to block malicious SQL commands, the validation mechanism fails to prevent file-writing constructs like INTO OUTFILE or INTO DUMPFILE. This flaw allows an attacker who can influence the tool's input – for example, through prompt injection in a public agent endpoint – to write arbitrary content to files on the database server. The severity of this vulnerability is amplified if the MySQL/MariaDB account possesses the FILE privilege and the server configuration permits writes to a publicly accessible directory, such as a web server's document root. Successful exploitation could lead to remote code execution, data exfiltration, and complete system takeover.
CVE-2025-67509 was published on 2025-12-09. Public proof-of-concept code is currently unknown, but the vulnerability's nature and the ease of prompt injection suggest a high likelihood of exploitation. The vulnerability's impact, combined with the potential for widespread deployment of neuron-core/neuron-ai, warrants careful attention. It is not currently listed on the CISA KEV catalog, but its severity and potential impact may lead to future inclusion.
Organizations deploying neuron-core/neuron-ai with publicly accessible agent endpoints are particularly at risk. This includes those utilizing the tool for LLM agent querying and those who have granted the MySQL/MariaDB account the FILE privilege. Shared hosting environments where multiple users share the same database server are also vulnerable, as a compromised agent could impact other users' data.
• php: Examine application logs for SQL queries containing INTO OUTFILE or INTO DUMPFILE.
• php: Use grep to search for instances of MySQLSelectTool in the codebase, particularly where user input is directly incorporated into SQL queries.
• generic web: Monitor web server access logs for requests containing suspicious SQL syntax or attempts to access files outside the intended scope.
• database (mysql): Execute SHOW GRANTS FOR 'yourmysqluser'@'%'; to verify the FILE privilege is not granted. If it is, revoke it with REVOKE FILE ON *.* FROM 'yourmysqluser'@'%'; (FILE is a global privilege, so it is always granted and revoked on *.*).
EPSS: 0.06% (19th percentile)
The primary mitigation for CVE-2025-67509 is to upgrade to neuron-core/neuron-ai version 2.8.12 or later, which includes the necessary input validation fixes. If immediate upgrading is not feasible, consider implementing temporary workarounds. Restrict the MySQL/MariaDB account's privileges, specifically revoking the FILE privilege. Configure the database server to prevent writes to publicly accessible directories. Implement a Web Application Firewall (WAF) or proxy to filter potentially malicious SQL queries, specifically targeting INTO OUTFILE and INTO DUMPFILE statements. After upgrading, confirm the fix by attempting a controlled injection of a SELECT ... INTO OUTFILE statement through the agent endpoint and verifying that the file write is blocked.
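The log check for INTO OUTFILE / INTO DUMPFILE and the WAF or proxy filter described above both come down to the same decision: is a given statement genuinely read-only? The guard below is an added example in PHP, not code from the neuron-ai project; the function name and the sample statements are constructed, and it is meant to sit in front of a tool such as MySQLSelectTool in addition to revoking the FILE privilege, not instead of it.

```php
<?php
// Added example, not code from neuron-ai: a fail-closed read-only guard that a
// PHP agent can apply to SQL before handing it to a tool like MySQLSelectTool.
// Returns null when the statement is acceptable, otherwise the rejection reason.
// It is defence in depth alongside revoking the FILE privilege, not a replacement.
function readOnlySqlViolation(string $sql): ?string
{
    // MySQL executes the contents of /*!NNNNN ... */ version comments, so keep
    // their text visible; only the comment delimiters are removed.
    $s = preg_replace('~/\*!\d*~', ' ', $sql);
    // Ordinary block comments and line comments are not executed: strip them.
    $s = preg_replace('~/\*.*?\*/~s', ' ', $s);
    $s = str_replace('*/', ' ', $s);
    $s = preg_replace('~(--|#)[^\r\n]*~', ' ', $s);
    // Collapse whitespace and upper-case so token matching ignores formatting.
    $s = strtoupper(trim(preg_replace('~\s+~', ' ', $s)));

    if ($s === '') {
        return 'empty statement';
    }
    // Exactly one statement: a ';' anywhere but the end means stacked queries.
    // (Conservative: a ';' inside a string literal is rejected too.)
    if (strpos(rtrim($s, '; '), ';') !== false) {
        return 'multiple statements';
    }
    if (!preg_match('~^(SELECT|WITH|SHOW|DESCRIBE|DESC|EXPLAIN)\b~', $s)) {
        return 'not a read-only statement';
    }
    // The file-writing clauses behind CVE-2025-67509, plus LOAD_FILE() reads.
    if (preg_match('~\bINTO\s+(OUTFILE|DUMPFILE)\b~', $s)) {
        return 'INTO OUTFILE/DUMPFILE is not allowed';
    }
    if (preg_match('~\bLOAD_FILE\s*\(~', $s)) {
        return 'LOAD_FILE() is not allowed';
    }
    return null;
}

// Constructed sample statements for demonstration.
$samples = [
    "SELECT id, name FROM users WHERE id = 42",
    "SELECT 'x' INTO OUTFILE '/tmp/out.txt'",
    "SELECT 1; DROP TABLE users",
    "UPDATE users SET role = 'admin' WHERE id = 42",
];
foreach ($samples as $sql) {
    echo str_pad(readOnlySqlViolation($sql) ?? 'allowed', 36), '| ', $sql, PHP_EOL;
}
```

The same function can be run over SQL statements pulled from application logs to flag past attempts; with a MySQL account that has no FILE privilege, a rejected INTO OUTFILE statement would have failed at the server anyway, which is why the privilege revocation comes first.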
Upgrade to version 2.8.12 or later of the Neuron AI framework. This version fixes the vulnerability that allows arbitrary file writes on the MySQL/MariaDB server. The update prevents exploitation of the vulnerability through SQL code injection.
CVE-2025-67509 is a Remote Code Execution vulnerability in neuron-core/neuron-ai versions up to 2.8.9, allowing attackers to write files to the database server via prompt injection.
You are affected if you are using neuron-core/neuron-ai versions 2.8.9 or earlier and have a publicly accessible agent endpoint.
Upgrade to neuron-core/neuron-ai version 2.8.12 or later. As a temporary workaround, restrict the MySQL/MariaDB account's privileges and prevent writes to publicly accessible directories.
While no active exploitation has been confirmed, the vulnerability's nature and potential impact suggest a high likelihood of exploitation.
Refer to the neuron-core project's official website and GitHub repository for the latest security advisories and updates.