CVE-2025-5384: SQL Injection in JeeWMS
A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListController.do?datagrid. The manipulation leads to SQL injection. It is possible to initiate the attack remotely. This product takes the approach of rolling releases to provide continuous delivery. Therefore, version details for affected and updated releases are not available.
AI Analysis
Technical Summary
CVE-2025-5384 is a SQL Injection vulnerability identified in JeeWMS, specifically affecting the function CgAutoListController within the /cgAutoListController.do?datagrid endpoint. This vulnerability allows an unauthenticated remote attacker with low privileges to manipulate input parameters to inject malicious SQL commands, potentially compromising the underlying database. The vulnerability exists in versions up to 20250504, but due to JeeWMS's rolling release model, exact version details for affected and patched releases are not clearly delineated. The CVSS 4.0 base score is 5.3, indicating a medium severity level. The vector indicates network attack vector (AV:N), low attack complexity (AC:L), no authentication required (AT:N), no user interaction (UI:N), and low impact on confidentiality, integrity, and availability (VC:L, VI:L, VA:L). Although the impact on CIA triad components is low, the ability to remotely inject SQL commands can lead to unauthorized data access or modification if chained with other vulnerabilities or misconfigurations. No known exploits are currently reported in the wild, and no patches or vendor advisories have been linked yet. The vulnerability's presence in a web-based management system like JeeWMS, which is likely used for warehouse or inventory management, raises concerns about data integrity and operational continuity if exploited.
Potential Impact
For European organizations using JeeWMS, this vulnerability poses a risk of unauthorized database access or manipulation, potentially leading to data leakage, corruption, or disruption of warehouse management operations. Given the medium severity and low impact ratings, the immediate risk may be limited; however, attackers could leverage this vulnerability as part of a multi-stage attack to escalate privileges or move laterally within a network. The potential impact includes exposure of sensitive business data, disruption of supply chain logistics, and operational downtime. Organizations in sectors relying heavily on inventory and warehouse management, such as manufacturing, retail, and logistics, could face operational challenges. Additionally, regulatory compliance risks may arise if personal or sensitive data is exposed due to the vulnerability, implicating GDPR obligations. The lack of available patches and the rolling release model complicate timely remediation, increasing the window of exposure.
Mitigation Recommendations
European organizations should implement the following specific mitigations:
1) Conduct an immediate audit to identify all instances of JeeWMS in use and verify the version to assess exposure.
2) Restrict network access to the JeeWMS management interface, limiting it to trusted internal IP addresses or VPN connections to reduce exposure to remote attacks.
3) Employ web application firewalls (WAFs) with custom rules to detect and block SQL injection patterns targeting the /cgAutoListController.do?datagrid endpoint.
4) Monitor application logs for unusual query parameters or error messages indicative of injection attempts.
5) Engage with the JeeWMS vendor or community to obtain or request patches or updates addressing this vulnerability.
6) If possible, implement input validation and parameterized queries at the application layer to prevent injection.
7) Prepare incident response plans specific to database compromise scenarios, including data integrity verification and recovery procedures.
8) Consider isolating the JeeWMS environment in segmented network zones to contain potential breaches.
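Two of the recommendations above (log monitoring for injection attempts, and parameterized queries at the application layer) are concrete enough to show in code. The following is an added example written for this page; it is not JeeWMS code and does not reflect its real schema or the real name of the injectable parameter, which the advisory does not state. The stock table, the warehouse parameter and the access-log lines are all constructed here for illustration. The unsafe query is included only to make the contrast with the bound-parameter version visible.

```python
import re
import sqlite3
from urllib.parse import parse_qs, urlsplit


def make_db():
    """Constructed in-memory table standing in for a datagrid backend (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE stock (id INTEGER, sku TEXT, warehouse TEXT, qty INTEGER)")
    conn.executemany(
        "INSERT INTO stock VALUES (?, ?, ?, ?)",
        [(1, "SKU-100", "DE-HAM", 40), (2, "SKU-200", "FR-LYS", 12), (3, "SKU-300", "DE-HAM", 7)],
    )
    return conn


def list_stock_unsafe(conn, warehouse):
    """Vulnerable pattern: the request parameter is spliced into the SQL text,
    so a quote character in it changes the structure of the query."""
    sql = "SELECT id, sku FROM stock WHERE warehouse = '" + warehouse + "'"
    return conn.execute(sql).fetchall()


def list_stock_safe(conn, warehouse):
    """Hardened pattern (mitigation 6): placeholder plus bound parameter.
    The value is handed to the driver as data and is never parsed as SQL."""
    sql = "SELECT id, sku FROM stock WHERE warehouse = ?"
    return conn.execute(sql, (warehouse,)).fetchall()


# Constructed access-log lines in common log format (not real JeeWMS logs).
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jun/2025:10:00:01 +0200] "GET /cgAutoListController.do?datagrid&configId=stock&warehouse=DE-HAM HTTP/1.1" 200 512
10.0.0.9 - - [01/Jun/2025:10:00:07 +0200] "GET /cgAutoListController.do?datagrid&configId=stock&warehouse=DE-HAM'%20OR%20'1'%3D'1 HTTP/1.1" 200 2048
10.0.0.5 - - [01/Jun/2025:10:00:09 +0200] "GET /login.do?user=bob HTTP/1.1" 302 0
"""

# Crude but useful triage pattern for mitigation 4: quotes, comment markers and
# boolean/union/time-based keywords inside a decoded query-string value.
SUSPICIOUS = re.compile(r"""['"]|--|/\*|\bor\b\s+['"\d]|\bunion\b|\bsleep\(""", re.IGNORECASE)
REQUEST_LINE = re.compile(r'"(?:GET|POST) (\S+) HTTP')


def flag_injection_attempts(log_text):
    """Return (client_ip, parameter, decoded_value) for requests to the
    affected endpoint whose query-string values look like SQL injection."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_LINE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.endswith("/cgAutoListController.do"):
            continue
        # parse_qs percent-decodes values; keep_blank_values keeps the bare "datagrid" key.
        for name, values in parse_qs(url.query, keep_blank_values=True).items():
            for value in values:
                if SUSPICIOUS.search(value):
                    hits.append((line.split()[0], name, value))
    return hits


if __name__ == "__main__":
    db = make_db()
    tainted = "DE-HAM' OR '1'='1"
    print("unsafe:", list_stock_unsafe(db, tainted))   # every row comes back
    print("safe:  ", list_stock_safe(db, tainted))     # no row has that literal name
    for ip, param, value in flag_injection_attempts(SAMPLE_LOG):
        print(f"suspicious request from {ip}: {param}={value!r}")
```

The detection function is intentionally narrow: it only inspects the endpoint named in the advisory and reports the decoded parameter value, so an analyst can see what was actually sent rather than the percent-encoded form. In a real deployment the same check would be run over the web server or WAF logs, and a hit on the endpoint should be correlated with unusually large responses, which the second constructed log line illustrates with its 2048-byte body.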
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-05-30T12:46:25.214Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 683b2a9b182aa0cae2e8f4bc
Added to database: 5/31/2025, 4:13:15 PM
Last enriched: 7/9/2025, 12:55:05 AM
Last updated: 8/21/2025, 9:26:05 PM
Views: 16
Related Threats
- CVE-2025-8193 (Low)
- CVE-2025-9356: Stack-based Buffer Overflow in Linksys RE6250 (High)
- CVE-2025-9355: Stack-based Buffer Overflow in Linksys RE6250 (High)
- CVE-2025-43761: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Liferay Portal (Medium)
- CVE-2025-24902: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA (Critical)