CVE-2023-50162: n/a in n/a
SQL injection vulnerability in EmpireCMS v7.5 allows remote attackers to execute arbitrary code and obtain sensitive information via the DoExecSql function.
AI Analysis
Technical Summary
CVE-2023-50162 is a high-severity SQL injection vulnerability identified in EmpireCMS version 7.5. The vulnerability arises from improper sanitization of user inputs in the DoExecSql function, which allows remote attackers to inject malicious SQL commands. Exploiting this flaw, attackers can execute arbitrary SQL queries on the backend database, potentially leading to unauthorized data access, data manipulation, or even remote code execution, depending on the database and application configuration. The vulnerability is remotely exploitable over the network without requiring user interaction, but the CVSS vector rates the privileges required as high (PR:H), indicating that authentication with elevated access is necessary to trigger the exploit. The CVSS 3.1 base score of 7.2 reflects a high impact on confidentiality, integrity, and availability, with a network attack vector and low attack complexity. The CWE-89 classification confirms this is a classic SQL injection issue. Although no public exploits are currently known in the wild and no official patches have been linked, the risk remains significant due to the potential for attackers to gain sensitive information or disrupt services. EmpireCMS is a content management system used primarily in Chinese-speaking regions but may have deployments in Europe, especially in niche or legacy environments. The lack of detailed affected versions and vendor information limits precise scope assessment, but the vulnerability's nature suggests that any unpatched EmpireCMS 7.5 installations are at risk.
Potential Impact
For European organizations using EmpireCMS 7.5, this vulnerability poses a serious risk. Successful exploitation could lead to unauthorized disclosure of sensitive data, including user credentials, business information, or intellectual property. It could also allow attackers to alter or delete data, undermining data integrity and potentially causing service disruptions. In worst-case scenarios, attackers might leverage SQL injection to execute arbitrary code on the server, leading to full system compromise. This can result in reputational damage, regulatory penalties under GDPR for data breaches, and operational downtime. Given that the vulnerability requires some privilege level, insider threats or compromised accounts could facilitate exploitation. European organizations relying on EmpireCMS for public-facing websites or internal portals should consider the risk of data leakage and service interruption, which could impact customer trust and business continuity.
Mitigation Recommendations
Organizations should immediately audit their use of EmpireCMS, specifically version 7.5, to identify affected systems. Since no official patches are currently linked, mitigation should focus on implementing strict input validation and sanitization in the DoExecSql function or disabling this function if not required. Employing Web Application Firewalls (WAFs) with rules targeting SQL injection patterns can provide a temporary protective layer. Restrict database user privileges to the minimum necessary to limit the impact of potential injection attacks. Monitoring logs for unusual SQL queries or error messages can help detect exploitation attempts early. Additionally, organizations should consider isolating EmpireCMS instances from critical internal networks and backing up data regularly to enable recovery in case of compromise. Engaging with the vendor or community for patches or updates is also recommended. Finally, educating administrators about the risks and signs of SQL injection attacks can improve incident response readiness.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2023-12-04T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 683f0dc2182aa0cae27ff39d
Added to database: 6/3/2025, 2:59:14 PM
Last enriched: 7/4/2025, 2:58:14 AM
Last updated: 8/16/2025, 1:05:06 AM