CVE-2025-52720 is a critical SQL Injection vulnerability (CWE-89) found in the highwarden Super Store Finder product, affecting versions up to 7.5. The vulnerability arises from improper neutralization of special elements used in SQL commands, allowing an attacker to inject malicious SQL code into the application's database queries. According to the CVSS 3.1 vector (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L), this vulnerability can be exploited remotely over the network without any authentication or user interaction, making it highly accessible to attackers. The impact on confidentiality is high, as attackers can extract sensitive data from the backend database. The integrity impact is rated as none, indicating that the vulnerability does not allow modification of data, while availability impact is low, suggesting limited potential for denial-of-service conditions. The scope is changed (S:C), meaning the vulnerability affects components beyond the vulnerable component itself, potentially impacting other parts of the system. No known exploits have been reported in the wild yet, and no patches have been linked at the time of publication. The vulnerability was reserved in June 2025 and published in August 2025. The lack of authentication and user interaction requirements combined with network accessibility and high confidentiality impact make this a critical threat to any organization using this software.

For European organizations using highwarden Super Store Finder, this vulnerability poses a significant risk to the confidentiality of their data. Since the vulnerability allows remote attackers to extract sensitive information without authentication, organizations could face data breaches involving customer information, business intelligence, or other proprietary data stored in the backend databases. This could lead to regulatory non-compliance issues under GDPR, resulting in financial penalties and reputational damage. The limited impact on integrity and availability reduces the risk of data tampering or service disruption, but the confidentiality breach alone is severe. Retailers, logistics companies, and other businesses relying on Super Store Finder for location services or store data management are particularly vulnerable. The absence of known exploits in the wild currently provides a window for proactive mitigation. However, the critical CVSS score and ease of exploitation mean attackers may develop exploits rapidly. European organizations must prioritize identifying affected versions and applying mitigations promptly to prevent data exfiltration and associated compliance risks.

1. Immediate identification of all instances of highwarden Super Store Finder within the organization is essential. Conduct thorough inventory and version audits to determine exposure. 2. Since no official patches are currently linked, organizations should implement Web Application Firewall (WAF) rules specifically designed to detect and block SQL injection patterns targeting Super Store Finder endpoints. 3. Employ input validation and parameterized queries or prepared statements in any custom integrations or extensions to the product to mitigate injection risks. 4. Monitor network traffic and application logs for unusual query patterns or unexpected database access that could indicate exploitation attempts. 5. Restrict database user permissions used by Super Store Finder to the minimum necessary, limiting access to sensitive tables and data. 6. Engage with the vendor (highwarden) for updates on patches or security advisories and apply official fixes as soon as they become available. 7. Conduct penetration testing focused on SQL injection vectors to verify the effectiveness of mitigations. 8. Educate relevant IT and security teams about the vulnerability and ensure incident response plans include procedures for SQL injection incidents.