CVE-2025-50341 is a critical Boolean-based SQL injection vulnerability identified in Axelor version 5.2.4, specifically exploitable via the _domain parameter. Boolean-based SQL injection is a technique where an attacker manipulates the logic of SQL queries by injecting conditional statements that evaluate to true or false, thereby inferring information from the database based on the application's responses. In this case, the vulnerability allows an unauthenticated attacker to inject malicious SQL code without any user interaction, enabling them to manipulate the backend database queries. This can lead to unauthorized data exposure, including sensitive business or personal information, and potentially allow further exploitation such as privilege escalation, data modification, or complete system compromise. The CVSS v3.1 score of 9.8 reflects the high severity, with attack vector being network-based, no privileges or user interaction required, and full impact on confidentiality, integrity, and availability. The vulnerability is classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), a common and dangerous injection flaw. Although no known exploits are currently reported in the wild, the critical nature and ease of exploitation make it a significant threat to organizations using Axelor 5.2.4. The lack of available patches at the time of publication further increases risk exposure.

For European organizations, the impact of this vulnerability can be severe. Axelor is an open-source ERP and BPM platform used by various enterprises for managing business processes, including finance, HR, and supply chain operations. Exploitation could lead to unauthorized access to sensitive corporate data, including financial records, employee information, and intellectual property. This could result in data breaches subject to GDPR penalties, reputational damage, and operational disruptions. The ability to alter or delete data threatens business continuity and integrity of critical systems. Given the network-based attack vector and no authentication requirement, attackers can remotely exploit this vulnerability, increasing the risk of widespread compromise. Industries with high regulatory scrutiny, such as finance, healthcare, and manufacturing, are particularly vulnerable. Additionally, the potential for lateral movement within networks after initial compromise could escalate the impact beyond the ERP system itself.

Immediate mitigation steps include: 1) Applying any available security patches or updates from Axelor as soon as they are released. Since no patches are currently available, organizations should monitor vendor advisories closely. 2) Implementing Web Application Firewalls (WAFs) with custom rules to detect and block SQL injection attempts targeting the _domain parameter. 3) Employing strict input validation and sanitization on all user-supplied parameters, especially those interacting with SQL queries. 4) Restricting database user permissions to the minimum necessary to limit the impact of any injection attack. 5) Conducting thorough code reviews and penetration testing focused on injection vulnerabilities in customizations or integrations with Axelor. 6) Monitoring logs for unusual query patterns or errors indicative of injection attempts. 7) Segmenting the network to isolate ERP systems and limit attacker lateral movement. 8) Educating developers and administrators about secure coding practices and the risks of injection flaws. These measures, combined, reduce the attack surface and improve detection and response capabilities until a vendor patch is available.