SD.NET RIM 4.7.3c - 'idtyp' SQL Injection
Platform: dotnet
Component: sd-net-rim
Fixed in: 4.7.4
CVE-2019-25359 describes a SQL injection vulnerability discovered in SD.NET RIM versions prior to 4.7.3c. This flaw allows attackers to inject malicious SQL statements, potentially compromising the integrity and confidentiality of the database. The vulnerability is triggered through the 'idtyp' and 'idgremium' POST parameters within the /vorlagen/ endpoint. A patch is available in version 4.7.3c.
Impact and Attack Scenarios
Successful exploitation of CVE-2019-25359 could grant an attacker unauthorized access to the underlying database. By crafting malicious POST requests, an attacker can inject arbitrary SQL code, allowing them to read, modify, or delete sensitive data. This could include user credentials, financial information, or other confidential data stored within the database. The impact extends beyond simple data theft; an attacker could potentially gain control of the application server itself, leading to further compromise of the system. While no specific real-world exploitation examples are publicly documented for this CVE, SQL injection vulnerabilities are consistently among the most exploited web application flaws.
Exploitation Context
CVE-2019-25359 was published on 2026-02-18. There is no indication of this vulnerability being actively exploited in the wild, nor is it listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, suggesting a relatively low probability of near-term exploitation. The vulnerability's severity is rated HIGH based on the CVSS score.
Who Is at Risk
Organizations utilizing SD.NET RIM versions 4.7.3c and earlier, particularly those with publicly accessible instances of the /vorlagen/ endpoint, are at risk. Environments lacking robust input validation and database security practices are especially vulnerable.
Detection Steps
• dotnet / web: Use a web application scanner to identify the /vorlagen/ endpoint and test for SQL injection vulnerabilities.
  curl -X POST -d "idtyp='; DROP TABLE users;--" http://target/vorlagen/
• dotnet / web: Examine application logs for suspicious SQL queries or error messages related to database access.
• dotnet / web: Monitor network traffic for POST requests to /vorlagen/ containing unusual or malformed data in the 'idtyp' and 'idgremium' parameters.
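The third detection step above, written out as an added example (not code from the original page or from the SD.NET RIM project): it scans constructed reverse-proxy log lines for POST requests to /vorlagen/ whose 'idtyp' or 'idgremium' values are not plain integers, and ranks a hit higher when it also contains SQL metacharacters. The log line format and the assumption that both parameters are numeric identifiers are mine, not the product's.

```python
import re
from urllib.parse import parse_qs

# Constructed sample of reverse-proxy log lines that record the form body.
# The line format is an assumption for this example, not SD.NET RIM's own:
#   <client> "<METHOD> <path>" <status> body=<url-encoded form body>
SAMPLE_LOG = """\
10.0.0.5 "POST /vorlagen/" 200 body=idtyp=12&idgremium=7
10.0.0.9 "POST /vorlagen/" 200 body=idtyp=12'%20OR%20'1'%3D'1&idgremium=7
10.0.0.9 "POST /vorlagen/" 500 body=idtyp=1%20UNION%20SELECT%20name%20FROM%20users&idgremium=7
10.0.0.7 "GET /vorlagen/" 200 body=
10.0.0.8 "POST /login" 200 body=user=alice&idtyp='
"""

LINE_RE = re.compile(
    r'^(?P<client>\S+) "(?P<method>[A-Z]+) (?P<path>\S+)" (?P<status>\d{3}) body=(?P<body>.*)$'
)
WATCHED_PARAMS = ("idtyp", "idgremium")
# Assumption: both parameters carry plain integer IDs, so the check is an allow-list.
INT_RE = re.compile(r"\d+")
# SQL metacharacters and keywords; used only to rank alerts, never to decide them.
SQL_META_RE = re.compile(r"""['";]|--|/\*|\b(?:union|select|drop|insert|update|delete)\b""", re.I)

def parse_line(line):
    """Split one log line into its fields; return None for lines that do not match."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None

def suspicious_params(body):
    """Return (name, decoded value) for watched parameters whose value is not an integer."""
    params = parse_qs(body, keep_blank_values=True)
    return [(name, value) for name in WATCHED_PARAMS
            for value in params.get(name, []) if not INT_RE.fullmatch(value)]

def scan_log(text):
    """Alert on POSTs to /vorlagen/ whose idtyp/idgremium values fail the allow-list."""
    alerts = []
    for raw in text.splitlines():
        rec = parse_line(raw)
        if rec is None or rec["method"] != "POST":
            continue
        if rec["path"].split("?", 1)[0].rstrip("/") != "/vorlagen":
            continue
        hits = suspicious_params(rec["body"])
        if hits:
            severity = "high" if any(SQL_META_RE.search(v) for _, v in hits) else "medium"
            alerts.append({"client": rec["client"], "status": rec["status"],
                           "params": hits, "severity": severity})
    return alerts
```

Calling `scan_log(SAMPLE_LOG)` flags only the two malformed /vorlagen/ POSTs; the GET and the /login request are ignored by the path and method filters.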
Threat Intelligence
- EPSS: 0.03% (7th percentile)
What do these metrics mean?
- Attack Vector: Network. Remotely exploitable over the internet; no physical or local access required.
- Attack Complexity: Low. No special conditions required; reliably exploitable.
- Privileges Required: None. No authentication is needed to exploit.
- User Interaction: None. Automatic and silent attack; the victim does nothing.
- Scope: Unchanged. Impact is limited to the vulnerable component.
- Confidentiality: High. Complete loss of confidentiality; the attacker can read all data.
- Integrity: Low. The attacker can modify some data, with limited scope.
- Availability: None. No availability impact.
Mitigation and Workarounds
The primary mitigation for CVE-2019-25359 is to upgrade SD.NET RIM to version 4.7.3c or later, which contains the fix. If immediate upgrading is not possible, consider implementing input validation and sanitization on the 'idtyp' and 'idgremium' parameters within the /vorlagen/ endpoint. Web application firewalls (WAFs) configured to detect and block SQL injection attempts can also provide a temporary layer of protection. Review and harden database user permissions to limit the potential damage from a successful injection. After upgrading, confirm the vulnerability is resolved by attempting a SQL injection attack on the /vorlagen/ endpoint with a known malicious payload.
How to Fix
Update SD.NET RIM to version 4.7.3c or later. This version contains the fix for the SQL injection vulnerability. Consult the vendor's website for instructions on how to update.
Frequently Asked Questions
What is CVE-2019-25359 — SQL Injection in SD.NET RIM?
CVE-2019-25359 is a SQL injection vulnerability affecting SD.NET RIM versions before 4.7.3c, allowing attackers to inject malicious SQL code through POST parameters.
Am I affected by CVE-2019-25359 in SD.NET RIM?
You are affected if you are using SD.NET RIM versions 4.7.3c or earlier. Check your version and upgrade if necessary.
How do I fix CVE-2019-25359 in SD.NET RIM?
Upgrade to version 4.7.3c or later. Implement input validation and consider using a WAF as a temporary mitigation.
Is CVE-2019-25359 being actively exploited?
There is no public evidence of active exploitation of CVE-2019-25359 at this time.
Where can I find the official SD.NET RIM advisory for CVE-2019-25359?
Refer to the SD.NET RIM vendor's security advisories for the most up-to-date information and official guidance.