Skip to main content

CVE-2024-25400: n/a in n/a

Critical
VulnerabilityCVE-2024-25400cvecve-2024-25400
Published: Tue Feb 27 2024 (02/27/2024, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Subrion CMS 4.2.1 is vulnerable to SQL Injection via ia.core.mysqli.php. NOTE: this is disputed by multiple third parties because it refers to an HTTP request to a PHP file that only contains a class, without any mechanism for accepting external input, and the reportedly vulnerable method is not present in the file.

AI-Powered Analysis

AILast updated: 07/06/2025, 08:55:27 UTC

Technical Analysis

CVE-2024-25400 is reported as a critical SQL Injection vulnerability (CVSS 9.8) allegedly affecting Subrion CMS version 4.2.1 via the file ia.core.mysqli.php. SQL Injection (CWE-89) vulnerabilities allow attackers to manipulate backend SQL queries by injecting malicious input, potentially leading to unauthorized data access, data modification, or full system compromise. However, this particular vulnerability is disputed by multiple third parties because the referenced PHP file (ia.core.mysqli.php) only contains a class definition without any direct mechanism to accept external input, and the reportedly vulnerable method is not present in the file. This raises significant doubts about the validity of the vulnerability claim. No patch or vendor advisory is available, and no known exploits have been reported in the wild. The CVSS vector indicates the vulnerability is remotely exploitable over the network without authentication or user interaction, with high impact on confidentiality, integrity, and availability. Despite the high CVSS score, the lack of corroborating technical evidence and absence of exploit code suggest that this vulnerability may be a false positive or incorrectly reported. Subrion CMS is an open-source content management system used for website management, but its market share is relatively small compared to major CMS platforms. The dispute around the vulnerability means organizations should carefully verify their Subrion CMS installations and monitor for any official vendor updates or advisories before taking action.

Potential Impact

If this vulnerability were valid and exploitable, European organizations using Subrion CMS 4.2.1 could face severe risks including unauthorized data disclosure, data tampering, and potential full system compromise. This could lead to data breaches involving personal or sensitive information, disruption of website availability, and reputational damage. However, given the dispute over the vulnerability's existence and the absence of known exploits, the immediate impact is likely low. Organizations relying on Subrion CMS should remain vigilant but not assume imminent risk without further confirmation. The impact is also limited by the relatively low adoption of Subrion CMS in Europe compared to more widely used CMS platforms. Nonetheless, any successful SQL Injection in a CMS can be leveraged to pivot into internal networks or launch further attacks, so the potential impact remains significant if the vulnerability is real.

Mitigation Recommendations

1. Verify the use of Subrion CMS 4.2.1 within your environment and identify any instances of ia.core.mysqli.php. 2. Monitor official Subrion CMS channels and trusted vulnerability databases for any vendor patches or clarifications regarding CVE-2024-25400. 3. Conduct code reviews and penetration testing focused on SQL Injection vectors in your CMS deployment, especially if customizations or third-party plugins are used. 4. Employ Web Application Firewalls (WAFs) with SQL Injection detection rules to provide an additional layer of defense. 5. Restrict database user privileges to the minimum necessary to limit the impact of any potential injection. 6. Maintain regular backups and incident response plans to quickly recover from any compromise. 7. If possible, consider upgrading to a newer, supported CMS version or alternative platform with active security maintenance. 8. Stay informed through threat intelligence feeds for any emerging exploit activity related to this CVE.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2024-02-07T00:00:00.000Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682cd0fa1484d88663aec489

Added to database: 5/20/2025, 6:59:06 PM

Last enriched: 7/6/2025, 8:55:27 AM

Last updated: 8/16/2025, 1:48:25 AM

Views: 15

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats