CVE-2025-5107: SQL Injection in Fujian Kelixun
A vulnerability was found in Fujian Kelixun 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /app/xml_cdr/xml_cdr_details.php. The manipulation of the argument uuid leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-5107 is a SQL Injection vulnerability identified in Fujian Kelixun version 1.0, specifically within the /app/xml_cdr/xml_cdr_details.php file. The vulnerability arises from improper sanitization or validation of the 'uuid' parameter, which is susceptible to malicious input manipulation. An attacker can exploit this flaw remotely without requiring user interaction or authentication, by injecting crafted SQL commands through the 'uuid' argument. This can lead to unauthorized access or modification of the backend database, potentially exposing sensitive data or enabling further compromise of the system. The vulnerability has been publicly disclosed, and although no known exploits are currently observed in the wild, the availability of the exploit code increases the risk of exploitation. The vendor has not responded to the disclosure, and no patches or mitigations have been officially released. The CVSS 4.0 base score is 5.3 (medium severity), reflecting the network attack vector, low attack complexity, no privileges or user interaction required, but limited impact on confidentiality, integrity, and availability. The vulnerability affects only version 1.0 of the Kelixun product, which is presumably used in telecommunication or call data record management contexts given the file path and product naming conventions.
Potential Impact
For European organizations using Fujian Kelixun 1.0, this vulnerability poses a risk of unauthorized database access and potential data leakage or manipulation. Given the nature of the affected file (xml_cdr_details.php), which likely handles call detail records or similar telecommunication data, exploitation could compromise sensitive customer or operational data. This could lead to breaches of privacy regulations such as GDPR, resulting in legal and financial repercussions. Additionally, attackers could leverage the SQL injection to pivot within the network, escalate privileges, or disrupt services, impacting availability and operational continuity. The medium CVSS score suggests a moderate risk, but the lack of vendor response and patch availability increases exposure. European telecom providers or service companies relying on this product may face targeted attacks aiming to extract sensitive information or disrupt services.
Mitigation Recommendations
Since no official patches are available, European organizations should implement immediate compensating controls. These include:
1) Applying Web Application Firewalls (WAFs) with custom rules to detect and block SQL injection patterns targeting the 'uuid' parameter in xml_cdr_details.php requests.
2) Conducting input validation and sanitization at the application or proxy level to reject suspicious inputs.
3) Restricting network access to the vulnerable application to trusted IP ranges and enforcing strict segmentation to limit exposure.
4) Monitoring logs for unusual query patterns or error messages indicative of SQL injection attempts.
5) If feasible, upgrading or migrating away from Fujian Kelixun 1.0 to a more secure or supported version/product.
6) Implementing database-level protections such as least privilege accounts and query parameterization where possible.
7) Preparing incident response plans to quickly address any detected exploitation attempts.
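As an added example (not part of the original advisory and not the vendor's code), the following Python applies recommendations 2 and 4 to web-server access logs: it checks the 'uuid' parameter of requests to xml_cdr_details.php against a strict allowlist and reports every request that fails. It assumes Combined Log Format and that legitimate uuid values are canonical UUIDs; the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

SCRIPT = "xml_cdr_details.php"  # file named in the advisory
# Assumption: a legitimate uuid value is a canonical 8-4-4-4-12 hex UUID.
UUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
# Assumption: Combined Log Format -> ip ident user [time] "METHOD target PROTO" ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*"')

SAMPLE_LOG = [  # constructed lines using documentation IP ranges
    '192.0.2.10 - - [23/May/2025:12:00:01 +0000] "GET /app/xml_cdr/xml_cdr_details.php'
    '?uuid=0f8fad5b-d9cb-469f-a165-70867728950e HTTP/1.1" 200 5120',
    '198.51.100.7 - - [23/May/2025:12:00:05 +0000] "GET /app/xml_cdr/xml_cdr_details.php'
    '?uuid=0f8fad5b-d9cb-469f-a165-70867728950e%27 HTTP/1.1" 500 312',
    '192.0.2.10 - - [23/May/2025:12:00:09 +0000] "GET /app/xml_cdr/xml_cdr.php?page=2 HTTP/1.1" 200 2048',
]

def uuid_is_valid(value):
    """Allowlist check: accept only a canonical UUID, reject everything else."""
    return UUID_RE.fullmatch(value) is not None

def suspicious_requests(log_lines):
    """Return (client_ip, uuid_values) for requests to SCRIPT whose uuid fails the allowlist."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        # Substring match on the decoded path also catches encoded or PATH_INFO variants.
        if SCRIPT not in unquote(url.path):
            continue
        # parse_qs percent-decodes values; keep blanks so "uuid=" is still checked.
        values = parse_qs(url.query, keep_blank_values=True).get("uuid", [])
        if not values:
            continue  # no uuid parameter in this request
        # A repeated uuid parameter is flagged too: which copy the app reads is unknown.
        if len(values) > 1 or not uuid_is_valid(values[0]):
            hits.append((m.group("ip"), values))
    return hits

if __name__ == "__main__":
    for ip, values in suspicious_requests(SAMPLE_LOG):
        print(f"ALERT {ip} sent non-UUID uuid value(s): {values!r}")
```

Access logs record only the query string, so a uuid value sent in a request body has to be checked by the same allowlist at the WAF or reverse proxy instead.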
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-05-23T06:26:00.238Z
- CISA Enriched: false
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68306f8e0acd01a249272491
Added to database: 5/23/2025, 12:52:30 PM
Last enriched: 7/8/2025, 8:11:47 PM
Last updated: 11/21/2025, 3:00:26 PM