CVE-2025-5152: SQL Injection in Chanjet CRM
A vulnerability classified as critical was found in Chanjet CRM up to 20250510. This vulnerability affects unknown code of the file /activity/newActivityedit.php?DontCheckLogin=1&id=null&ret=mod1. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-5152 is a SQL Injection vulnerability identified in the Chanjet CRM product, specifically affecting versions up to 20250510. The vulnerability resides in the web application file /activity/newActivityedit.php, where the parameter 'gblOrgID' is improperly sanitized. This lack of input validation allows an attacker to inject malicious SQL code remotely without requiring authentication or user interaction. The injection point is accessible via a URL parameter, making exploitation feasible through crafted HTTP requests. Although the CVSS 4.0 score is rated as medium (5.3), the vulnerability enables an attacker to manipulate database queries, potentially leading to unauthorized data access, data modification, or disruption of CRM functionality. The vendor has not responded to disclosure attempts, and no patches or mitigations have been officially released. While public exploit code has not been confirmed in the wild, the vulnerability's remote and unauthenticated nature increases the risk of exploitation, especially in environments where Chanjet CRM is exposed to untrusted networks.
Potential Impact
For European organizations using Chanjet CRM, this vulnerability poses a significant risk to the confidentiality and integrity of customer and business data managed within the CRM system. Successful exploitation could lead to unauthorized data disclosure, including sensitive client information, sales data, and internal communications. Data integrity could be compromised by unauthorized modifications, potentially disrupting business operations and decision-making processes. Availability impacts are possible if injected queries cause database errors or service interruptions. Given the CRM's role in customer relationship management, exploitation could damage organizational reputation and lead to regulatory compliance issues under GDPR, especially if personal data is exposed. The medium CVSS score suggests moderate ease of exploitation but with limited scope or impact compared to higher severity vulnerabilities. However, the lack of vendor response and patch availability increases exposure time, elevating risk for European entities relying on this software.
Mitigation Recommendations
European organizations should immediately audit their Chanjet CRM deployments to identify affected versions (up to 20250510). In absence of official patches, organizations should implement the following mitigations: 1) Restrict access to the CRM web interface to trusted internal networks or VPNs to reduce exposure to remote attackers. 2) Employ Web Application Firewalls (WAFs) with custom rules to detect and block SQL injection attempts targeting the 'gblOrgID' parameter. 3) Conduct input validation and sanitization at the application or proxy level if possible, to filter malicious payloads. 4) Monitor application logs and database query logs for suspicious activity indicative of injection attempts. 5) Plan for an urgent update or patch deployment once the vendor releases a fix, or consider migrating to alternative CRM solutions if the vendor remains unresponsive. 6) Educate IT and security teams about this vulnerability to ensure rapid incident response if exploitation is detected.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
CVE-2025-5152: SQL Injection in Chanjet CRM
Description
A vulnerability classified as critical was found in Chanjet CRM up to 20250510. This vulnerability affects unknown code of the file /activity/newActivityedit.php?DontCheckLogin=1&id=null&ret=mod1. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI-Powered Analysis
Technical Analysis
CVE-2025-5152 is a SQL Injection vulnerability identified in the Chanjet CRM product, specifically affecting versions up to 20250510. The vulnerability resides in the web application file /activity/newActivityedit.php, where the parameter 'gblOrgID' is improperly sanitized. This lack of input validation allows an attacker to inject malicious SQL code remotely without requiring authentication or user interaction. The injection point is accessible via a URL parameter, making exploitation feasible through crafted HTTP requests. Although the CVSS 4.0 score is rated as medium (5.3), the vulnerability enables an attacker to manipulate database queries, potentially leading to unauthorized data access, data modification, or disruption of CRM functionality. The vendor has not responded to disclosure attempts, and no patches or mitigations have been officially released. While public exploit code has not been confirmed in the wild, the vulnerability's remote and unauthenticated nature increases the risk of exploitation, especially in environments where Chanjet CRM is exposed to untrusted networks.
Potential Impact
For European organizations using Chanjet CRM, this vulnerability poses a significant risk to the confidentiality and integrity of customer and business data managed within the CRM system. Successful exploitation could lead to unauthorized data disclosure, including sensitive client information, sales data, and internal communications. Data integrity could be compromised by unauthorized modifications, potentially disrupting business operations and decision-making processes. Availability impacts are possible if injected queries cause database errors or service interruptions. Given the CRM's role in customer relationship management, exploitation could damage organizational reputation and lead to regulatory compliance issues under GDPR, especially if personal data is exposed. The medium CVSS score suggests moderate ease of exploitation but with limited scope or impact compared to higher severity vulnerabilities. However, the lack of vendor response and patch availability increases exposure time, elevating risk for European entities relying on this software.
Mitigation Recommendations
European organizations should immediately audit their Chanjet CRM deployments to identify affected versions (up to 20250510). In absence of official patches, organizations should implement the following mitigations: 1) Restrict access to the CRM web interface to trusted internal networks or VPNs to reduce exposure to remote attackers. 2) Employ Web Application Firewalls (WAFs) with custom rules to detect and block SQL injection attempts targeting the 'gblOrgID' parameter. 3) Conduct input validation and sanitization at the application or proxy level if possible, to filter malicious payloads. 4) Monitor application logs and database query logs for suspicious activity indicative of injection attempts. 5) Plan for an urgent update or patch deployment once the vendor releases a fix, or consider migrating to alternative CRM solutions if the vendor remains unresponsive. 6) Educate IT and security teams about this vulnerability to ensure rapid incident response if exploitation is detected.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-05-24T17:47:16.840Z
- Cisa Enriched
- false
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 68334e470acd01a249281cf8
Added to database: 5/25/2025, 5:07:19 PM
Last enriched: 7/9/2025, 1:28:08 PM
Last updated: 8/15/2025, 12:15:23 PM
Views: 13
Related Threats
CVE-2025-55284: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in anthropics claude-code
HighCVE-2025-55286: CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer in vancluever z2d
HighCVE-2025-52621: CWE-346 Origin Validation Error in HCL Software BigFix SaaS Remediate
MediumCVE-2025-52620: CWE-20 Improper Input Validation in HCL Software BigFix SaaS Remediate
MediumCVE-2025-52619: CWE-209 Generation of Error Message Containing Sensitive Information in HCL Software BigFix SaaS Remediate
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.