
CVE-2025-10121: SQL Injection in uverif

Medium
Tags: Vulnerability, CVE-2025-10121
Published: Tue Sep 09 2025 (09/09/2025, 02:02:06 UTC)
Source: CVE Database V5
Product: uverif

Description

A flaw has been found in uverif up to 3.2. This affects the function addbatch of the file /admin/kami_list. This manipulation of the argument note causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.

AI-Powered Analysis

Last updated: 09/09/2025, 02:34:32 UTC

Technical Analysis

CVE-2025-10121 is a medium-severity SQL injection vulnerability in uverif versions 3.0 through 3.2. The flaw resides in the addbatch function in the /admin/kami_list file: the 'note' argument is not properly sanitized or validated, so an attacker can inject SQL into the query built from it. This allows a remote attacker with low privileges (PR:L) to execute arbitrary SQL commands against the backend database without any user interaction. The vulnerability does not require authentication or user interaction, making it remotely exploitable over the network with low attack complexity. The CVSS 4.0 vector indicates no scope change and low impact on confidentiality, integrity and availability, but exploitability is increased by the absence of required authentication and user interaction. No exploitation in the wild has been observed so far, but a public exploit has been published, which raises the risk of exploitation. Successful exploitation could let an attacker read, modify or delete sensitive data stored in the database, leading to data leakage, unauthorized data manipulation or disruption of service, depending on the database's role within the application. Because the affected function sits under an administrative path, administrative data or functions could be compromised, amplifying the impact. No patch or official remediation guidance was available at the time of publication, so organizations running uverif 3.0 to 3.2 should act immediately to mitigate the risk.

Potential Impact

For European organizations using uverif versions 3.0 to 3.2, this vulnerability poses a tangible risk to the confidentiality and integrity of their data. Since uverif is presumably used in administrative or verification contexts, exploitation could lead to unauthorized access to sensitive administrative data or manipulation of critical records. This could result in data breaches, compliance violations (notably with GDPR), and operational disruptions. The remote and unauthenticated nature of the exploit increases the attack surface, especially for organizations exposing the affected endpoint to the internet or internal networks with insufficient segmentation. The medium severity suggests that while the impact is not catastrophic, it is significant enough to warrant prompt remediation to prevent potential data loss or unauthorized data alteration. Additionally, the publication of an exploit increases the likelihood of opportunistic attacks targeting European entities, especially those in sectors with high regulatory scrutiny or valuable data assets.

Mitigation Recommendations

1. Immediate mitigation should include restricting access to the /admin/kami_list endpoint through network-level controls such as IP whitelisting, VPN access, or firewall rules to limit exposure to trusted users only.
2. Implement Web Application Firewall (WAF) rules specifically designed to detect and block SQL injection attempts targeting the 'note' parameter in the addbatch function.
3. Conduct a thorough code review and input validation enhancement for the addbatch function to sanitize and parameterize SQL queries, eliminating direct concatenation of user input.
4. If possible, upgrade to a patched version of uverif once available; in the absence of an official patch, consider applying custom patches or workarounds that enforce prepared statements or ORM usage.
5. Monitor logs for suspicious activity related to the /admin/kami_list endpoint, focusing on anomalous input patterns or repeated access attempts.
6. Educate administrators and developers about the risks of SQL injection and enforce secure coding practices to prevent similar vulnerabilities.
7. Perform regular vulnerability scanning and penetration testing to detect any exploitation attempts or residual vulnerabilities in the application environment.
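The concatenation defect described in the technical analysis and the parameterization fix in recommendation 3, side by side, as an added example that is not uverif's code: the table name, columns and function names are hypothetical stand-ins for a batch handler that stores codes with a shared 'note', and SQLite is used only because it runs in-process.

```python
import sqlite3

# Constructed stand-in for a batch-insert handler that stores card codes with
# a shared 'note'. Table, columns and function names are hypothetical; this is
# not uverif's code, only the concatenation pattern the advisory describes.
SCHEMA = "CREATE TABLE kami (id INTEGER PRIMARY KEY, code TEXT, note TEXT)"

def addbatch_vulnerable(conn, codes, note):
    # String concatenation: quote characters in 'note' become SQL text, so the
    # request controls the structure of the statement, not just a value.
    for code in codes:
        sql = ("INSERT INTO kami (code, note) VALUES ('" + code + "', '"
               + note + "')")
        conn.execute(sql)
    conn.commit()

def addbatch_fixed(conn, codes, note):
    # Parameterized INSERT: 'note' reaches the engine as a bound value, never
    # as SQL, so every character in it is stored verbatim.
    conn.executemany("INSERT INTO kami (code, note) VALUES (?, ?)",
                     [(code, note) for code in codes])
    conn.commit()

def run(handler, note, codes=("A1", "A2")):
    # Run one handler on a fresh in-memory database and report either the
    # rows that ended up in the table or the error the engine raised.
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    try:
        handler(conn, list(codes), note)
    except sqlite3.Error as exc:
        return ("error", str(exc))
    return ("ok", conn.execute("SELECT code, note FROM kami ORDER BY id").fetchall())

if __name__ == "__main__":
    # An ordinary apostrophe in the note breaks the concatenated query; the
    # parameterized handler stores it without issue.
    print(run(addbatch_vulnerable, "Sept' batch"))
    print(run(addbatch_fixed, "Sept' batch"))
    # A note that closes the string and extends the VALUES list makes the
    # concatenating handler insert rows the operator never supplied; the
    # fixed handler stores the same text as a plain note.
    crafted = "x'), ('EXTRA', 'not supplied"
    print(run(addbatch_vulnerable, crafted))
    print(run(addbatch_fixed, crafted))
```

The same contrast is what a code review under recommendation 3 should look for: any query text assembled from request data, rather than bound through placeholders, has this shape regardless of the database driver.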


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-09-08T15:09:41.128Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68bf8df9d5a2966cfc858124

Added to database: 9/9/2025, 2:16:25 AM

Last enriched: 9/9/2025, 2:34:32 AM

Last updated: 9/9/2025, 9:34:18 PM
