CVE-2025-5696: SQL Injection in Brilliance Golden Link Secondary System
A vulnerability classified as critical was found in Brilliance Golden Link Secondary System up to 20250424. This vulnerability affects unknown code of the file /storagework/rentChangeCheckInfoPage.htm. The manipulation of the argument clientname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
AI Analysis
Technical Summary
CVE-2025-5696 is a SQL Injection vulnerability identified in the Brilliance Golden Link Secondary System, specifically affecting versions up to 20250424. The vulnerability resides in the web application file /storagework/rentChangeCheckInfoPage.htm, where the 'clientname' parameter is improperly sanitized, allowing an attacker to inject malicious SQL code. This flaw enables remote attackers to manipulate backend database queries without requiring authentication or user interaction. The vulnerability has a CVSS 4.0 base score of 5.3, indicating a medium severity level. The vector metrics show that the attack can be launched remotely (AV:N) with low attack complexity (AC:L), no privileges required (PR:L, which is low but not none), and no user interaction (UI:N). The impact on confidentiality, integrity, and availability is limited (VC:L, VI:L, VA:L), suggesting partial compromise potential. The vulnerability is publicly disclosed, but no known exploits are currently observed in the wild. The SQL Injection allows attackers to potentially read or modify sensitive data in the backend database, which could lead to unauthorized data access, data corruption, or further exploitation depending on the database privileges and application logic. Given the lack of patches or mitigation links, the vulnerability remains unpatched at the time of disclosure, increasing risk for affected deployments.
Potential Impact
For European organizations using the Brilliance Golden Link Secondary System, this vulnerability poses a risk of unauthorized data access and manipulation. Since the system appears to handle rental or client information (implied by the affected page name), exploitation could lead to exposure of personal data, violating GDPR requirements and resulting in regulatory penalties. The ability to remotely exploit the vulnerability without user interaction increases the risk of automated attacks or targeted intrusions. Data integrity could be compromised, affecting business operations reliant on accurate client information. Additionally, attackers might leverage this vulnerability as a foothold to escalate privileges or move laterally within the network. The medium CVSS score reflects limited but significant impact, especially if the system is integrated with other critical infrastructure. Organizations may face reputational damage and financial losses if sensitive client data is leaked or manipulated.
Mitigation Recommendations
Specific mitigation steps include: 1) Immediate code review and sanitization of the 'clientname' parameter in /storagework/rentChangeCheckInfoPage.htm to prevent SQL Injection, employing parameterized queries or prepared statements. 2) Implement Web Application Firewalls (WAFs) with custom rules to detect and block SQL Injection patterns targeting this parameter. 3) Conduct thorough security testing, including automated and manual penetration tests focusing on input validation across the application. 4) Monitor logs for unusual database query patterns or repeated access attempts to the vulnerable endpoint. 5) Restrict database user privileges to the minimum necessary to limit the impact of potential injection. 6) If possible, isolate the Golden Link Secondary System from external networks or restrict access to trusted IP ranges until a patch is available. 7) Engage with the vendor for official patches or updates and apply them promptly once released. 8) Educate development teams on secure coding practices to prevent similar vulnerabilities in future releases.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Poland
CVE-2025-5696: SQL Injection in Brilliance Golden Link Secondary System
Description
A vulnerability classified as critical was found in Brilliance Golden Link Secondary System up to 20250424. This vulnerability affects unknown code of the file /storagework/rentChangeCheckInfoPage.htm. The manipulation of the argument clientname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
AI-Powered Analysis
Technical Analysis
CVE-2025-5696 is a SQL Injection vulnerability identified in the Brilliance Golden Link Secondary System, specifically affecting versions up to 20250424. The vulnerability resides in the web application file /storagework/rentChangeCheckInfoPage.htm, where the 'clientname' parameter is improperly sanitized, allowing an attacker to inject malicious SQL code. This flaw enables remote attackers to manipulate backend database queries without requiring authentication or user interaction. The vulnerability has a CVSS 4.0 base score of 5.3, indicating a medium severity level. The vector metrics show that the attack can be launched remotely (AV:N) with low attack complexity (AC:L), no privileges required (PR:L, which is low but not none), and no user interaction (UI:N). The impact on confidentiality, integrity, and availability is limited (VC:L, VI:L, VA:L), suggesting partial compromise potential. The vulnerability is publicly disclosed, but no known exploits are currently observed in the wild. The SQL Injection allows attackers to potentially read or modify sensitive data in the backend database, which could lead to unauthorized data access, data corruption, or further exploitation depending on the database privileges and application logic. Given the lack of patches or mitigation links, the vulnerability remains unpatched at the time of disclosure, increasing risk for affected deployments.
Potential Impact
For European organizations using the Brilliance Golden Link Secondary System, this vulnerability poses a risk of unauthorized data access and manipulation. Since the system appears to handle rental or client information (implied by the affected page name), exploitation could lead to exposure of personal data, violating GDPR requirements and resulting in regulatory penalties. The ability to remotely exploit the vulnerability without user interaction increases the risk of automated attacks or targeted intrusions. Data integrity could be compromised, affecting business operations reliant on accurate client information. Additionally, attackers might leverage this vulnerability as a foothold to escalate privileges or move laterally within the network. The medium CVSS score reflects limited but significant impact, especially if the system is integrated with other critical infrastructure. Organizations may face reputational damage and financial losses if sensitive client data is leaked or manipulated.
Mitigation Recommendations
Specific mitigation steps include: 1) Immediate code review and sanitization of the 'clientname' parameter in /storagework/rentChangeCheckInfoPage.htm to prevent SQL Injection, employing parameterized queries or prepared statements. 2) Implement Web Application Firewalls (WAFs) with custom rules to detect and block SQL Injection patterns targeting this parameter. 3) Conduct thorough security testing, including automated and manual penetration tests focusing on input validation across the application. 4) Monitor logs for unusual database query patterns or repeated access attempts to the vulnerable endpoint. 5) Restrict database user privileges to the minimum necessary to limit the impact of potential injection. 6) If possible, isolate the Golden Link Secondary System from external networks or restrict access to trusted IP ranges until a patch is available. 7) Engage with the vendor for official patches or updates and apply them promptly once released. 8) Educate development teams on secure coding practices to prevent similar vulnerabilities in future releases.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-06-04T20:29:04.609Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 68420f89182aa0cae2f22329
Added to database: 6/5/2025, 9:43:37 PM
Last enriched: 7/7/2025, 5:25:32 PM
Last updated: 8/8/2025, 10:26:38 AM
Views: 12
Related Threats
CVE-2025-26398: CWE-798 Use of Hard-coded Credentials in SolarWinds Database Performance Analyzer
MediumCVE-2025-41686: CWE-306 Missing Authentication for Critical Function in Phoenix Contact DaUM
HighCVE-2025-8874: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in litonice13 Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations
MediumCVE-2025-8767: CWE-1236 Improper Neutralization of Formula Elements in a CSV File in anwppro AnWP Football Leagues
MediumCVE-2025-8482: CWE-862 Missing Authorization in 10up Simple Local Avatars
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.