Skip to main content

Dm Corporative Cms CVE-2025-40656

| EUVDEUVD-2025-17653 CRITICAL
SQL Injection (CWE-89)
2025-06-10 cve-coordination@incibe.es
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 05:54 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
2025.01
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2025-17653
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
CVE Published
Jun 10, 2025 - 10:15 nvd
CRITICAL 9.8

DescriptionCVE.org

A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the cod parameter in /administer/node-selection/data.asp.

AnalysisAI

Critical SQL injection vulnerability in DM Corporative CMS that allows unauthenticated remote attackers to execute arbitrary SQL commands through the 'cod' parameter in the /administer/node-selection/data.asp endpoint. This enables complete database compromise including unauthorized retrieval, creation, modification, and deletion of data. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this represents an extremely high-severity threat to all exposed instances; exploitation status and proof-of-concept availability should be verified against current KEV and EPSS data.

Technical ContextAI

This vulnerability is a classic SQL injection (CWE-89) flaw occurring in an Active Server Pages (ASP) application layer. The DM Corporative CMS application fails to properly sanitize or parameterize user input from the 'cod' parameter before incorporating it into SQL queries. The vulnerable endpoint '/administer/node-selection/data.asp' processes HTTP requests without adequate input validation or prepared statement usage, allowing attackers to inject malicious SQL syntax. ASP-based applications using dynamic query construction without parameterized queries or ORM frameworks are particularly susceptible to this attack class. The 'administer' path designation suggests this is an administrative interface, which may imply some architectural intent for restricted access that is being bypassed through the absence of authentication controls (PR:N in CVSS vector).

RemediationAI

IMMEDIATE: (1) Apply vendor security patch for DM Corporative CMS as soon as released; coordinate with vendor for version-specific patch availability. (2) Implement input validation and parameterized SQL queries (prepared statements) using the underlying database driver—validate 'cod' parameter against expected format (alphanumeric, numeric-only, etc.) and use parameterized query syntax (e.g., SQL parameters, prepared statements) to eliminate injection. (3) Implement principle of least privilege: ensure database service account has minimal required permissions (SELECT-only for read operations, exclude DROP/DELETE if not required). (4) Deploy Web Application Firewall (WAF) rules to detect and block SQL injection patterns in the 'cod' parameter; monitor for ' OR '1'='1, '; DROP TABLE, and other common SQL injection payloads. (5) Restrict access to /administer/* paths via network-level controls (IP whitelisting, VPN requirement) pending patch availability. (6) Conduct immediate SQL audit logs for indicators of compromise (unusual DELETE/DROP activity, data exfiltration patterns). Monitor backup integrity. REFERENCES: Check DM Corporative CMS vendor security advisory, GitHub security advisories, and vendor patch portal for specific version patches and hotfixes.

Share

CVE-2025-40656 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy