Kolay Software 的 Talentics 存在 SQLi 漏洞

The SQL Injection vulnerability in Talentics allows an attacker to bypass application security measures and directly interact with the underlying database. Due to the 'blind' nature of the injection, attackers must infer data through responses, making exploitation more complex but not impossible. Successful exploitation could lead to the extraction of sensitive information such as user credentials, financial data, or proprietary business information. Lateral movement within the network is possible if the database user has sufficient privileges. The blast radius extends to any data stored within the Talentics database, potentially impacting the entire organization.

Organizations utilizing Talentics for customer relationship management, data storage, or any application where sensitive data is processed are at significant risk. Legacy deployments of Talentics, particularly those without robust security controls, are especially vulnerable. Shared hosting environments where multiple tenants share the same database instance are also at increased risk.

1. 2026-02-20Disclosure

   disclosure

1. 已保留2025-09-25
2. 发布日期2026-02-20
3. 修改日期2026-03-25
4. EPSS 更新日期2026-03-23

The primary mitigation for CVE-2025-10970 is to immediately upgrade Talentics to version 20022026.0.1. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) with rules designed to detect and block SQL injection attempts. Input validation and parameterized queries should be implemented to prevent future vulnerabilities. Monitor database logs for suspicious activity, specifically queries that deviate from normal patterns. Given the vendor's lack of response, thorough testing of the upgrade in a non-production environment is crucial before deploying to production.