
CVE-2025-58462: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in OPEXUS FOIAXpress Public Access Link (PAL)

Severity: Critical
Tags: vulnerability, cve, cve-2025-58462, cwe-89
Published: Tue Sep 09 2025 (09/09/2025, 21:09:48 UTC)
Source: CVE Database V5
Vendor/Project: OPEXUS
Product: FOIAXpress Public Access Link (PAL)

Description

OPEXUS FOIAXpress Public Access Link (PAL) before version 11.13.1.0 allows SQL injection via SearchPopularDocs.aspx. A remote, unauthenticated attacker could read, write, or delete any content in the underlying database.

AI-Powered Analysis

Last updated: 09/09/2025, 21:35:24 UTC

Technical Analysis

CVE-2025-58462 is a critical SQL injection vulnerability in OPEXUS FOIAXpress Public Access Link (PAL) versions before 11.13.1.0. The flaw is in the SearchPopularDocs.aspx page: input to that page is incorporated into an SQL statement without proper neutralization or parameterization (CWE-89), so a remote attacker can change the statement the database executes. Because the page is reachable without authentication and the attack needs no user interaction, exploitation requires only network access to the PAL instance.

According to the advisory, a successful attack can read, write, or delete any content in the underlying database, which is why the CVSS 4.0 base score is 9.3 (critical) with high impact on confidentiality, integrity, and availability. No exploitation in the wild was known at the time of publication, but an unauthenticated SQL injection in a public-facing search page is straightforward to find and to automate, so now that the advisory is public the window before opportunistic scanning should be assumed to be short.

FOIAXpress PAL is the public-facing portal that government agencies and other organizations use to receive and track Freedom of Information and similar public access requests, and the database behind it can hold sensitive or personal data. Direct manipulation of that database could therefore result in a data breach, tampering with public records, or a denial of service, with serious consequences for the organization's operations and for public trust.
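The following added example is the editor's code, not code from OPEXUS or from this page; it shows the CWE-89 pattern behind this class of bug in runnable form. It uses Python with an in-memory SQLite database standing in for the real back end. The table names, the columns, and the LIKE-based "popular documents" search are assumptions, since PAL's code and schema are not public; the two payloads are constructed. The point is that the same search term is either spliced into the SQL text (vulnerable) or bound as a parameter (fixed), and what an unauthenticated caller gains from the difference.

```python
import sqlite3

# Constructed sample data: the real PAL schema is not public, so these two
# tables only stand in for a document table and a credential table.
DOCS = [
    (1, "Annual Report 2024", 1, 120),
    (2, "Internal Audit Memo", 0, 5),
    (3, "Public Notice", 1, 40),
]
USERS = [(1, "admin", "constructed-hash-value")]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE documents (id INTEGER, title TEXT, is_public INTEGER, views INTEGER)"
    )
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO documents VALUES (?, ?, ?, ?)", DOCS)
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", USERS)
    conn.commit()
    return conn


def build_vulnerable_sql(term):
    # The CWE-89 pattern: the search term is spliced straight into the SQL text,
    # so quotes, comment markers and keywords in it become part of the statement.
    return (
        "SELECT id, title FROM documents WHERE is_public = 1 "
        "AND title LIKE '%" + term + "%' ORDER BY views DESC"
    )


def search_vulnerable(conn, term):
    return conn.execute(build_vulnerable_sql(term)).fetchall()


def search_fixed(conn, term):
    # Parameterized: the driver passes term as a bound value, never as SQL text,
    # so nothing in it can change the shape of the statement.
    sql = (
        "SELECT id, title FROM documents WHERE is_public = 1 "
        "AND title LIKE '%' || ? || '%' ORDER BY views DESC"
    )
    return conn.execute(sql, (term,)).fetchall()


# Two constructed payloads of the kind an unauthenticated caller could send.
# The first turns the WHERE clause into a tautology and comments out the rest,
# exposing the non-public row; the second reads a different table via UNION.
TAUTOLOGY = "%' OR 1=1 --"
UNION_READ = "%' UNION SELECT id, username || ':' || password_hash FROM users --"


if __name__ == "__main__":
    conn = make_db()
    print("normal search:", search_vulnerable(conn, "Report"))
    print("tautology, vulnerable:", search_vulnerable(conn, TAUTOLOGY))
    print("union read, vulnerable:", search_vulnerable(conn, UNION_READ))
    print("tautology, fixed:", search_fixed(conn, TAUTOLOGY))
    print("union read, fixed:", search_fixed(conn, UNION_READ))
```

In the vulnerable path the tautology payload returns all three documents, including the one marked non-public, and the UNION payload returns the credential row alongside the public documents; the parameterized path returns nothing for either payload because the whole string is matched literally as a search term. The same distinction applies to an ASP.NET page using SqlCommand: concatenating request input into CommandText is the vulnerable form, SqlParameter binding is the fixed one.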

Potential Impact

For European organizations, especially public sector entities and agencies that use FOIAXpress PAL to handle Freedom of Information or similar public access requests, this vulnerability is a significant threat. The PAL database can hold personal and sensitive data about requests and the people who file them, so exploitation could disclose that data, which is a personal data breach under the GDPR with notification duties, possible fines, and reputational damage. Unauthorized modification or deletion of records would undermine the reliability of public records and of the transparency process they support. Destructive queries could also take the service down, interrupting a public-facing service and eroding citizen trust. How far an intrusion can go beyond the PAL database depends on the privileges of the database account the application uses: with an over-privileged account, an attacker may be able to reach other databases or server-level features and use the compromised tier to pivot into internal systems, which is why database least privilege matters even after patching. The impact therefore extends beyond data loss to regulatory exposure and loss of public confidence in government digital services.

Mitigation Recommendations

The fix is in the vendor's code: upgrade FOIAXpress PAL to version 11.13.1.0 or later, which is the only change that removes the vulnerability. The input validation and query parameterization that CWE-89 calls for have to be done inside the application, and for a commercial product that is the vendor's patch, not something the operator can retrofit.

Until the upgrade is applied, reduce exposure at the edge. Block or restrict access to SearchPopularDocs.aspx at the reverse proxy or WAF, and add WAF rules for SQL injection patterns (quotes followed by OR/AND, UNION SELECT, comment markers, stacked statements) on requests to that page. Treat WAF signatures as a stopgap rather than a fix, since encoding and case variations routinely bypass pattern-based rules.

Limit the blast radius. Run PAL under a database account that holds only the table permissions the application needs and no administrative role (for example sysadmin or db_owner on SQL Server), so that a successful injection cannot reach other databases or server-level features. Segment the PAL host from the internal network so that a compromised web tier cannot be used for lateral movement.

Detect and respond. Review web server logs for requests to SearchPopularDocs.aspx whose query strings contain SQL syntax, going back to before the patch date, and watch database audit logs for unexpected statements from the application account. Because an unauthenticated attacker could have exploited this before disclosure, treat evidence of such requests as a potential data breach and run the incident response and breach-notification process accordingly. Finally, keep the usual hygiene: audit security configuration regularly and apply vendor patches promptly.
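As an added example (the editor's code, not the page's or the vendor's), the following Python script implements the log review suggested above over a few constructed IIS W3C log lines. The parameter name q, the log field layout, and the IP addresses are assumptions; the detector keys on the page name and on SQL syntax in the decoded query string, so it does not depend on PAL's real parameter names.

```python
import re
from urllib.parse import unquote_plus

# Constructed IIS W3C log lines, not from any real PAL deployment. The field
# layout follows the default IIS W3C logging format; "q" is a placeholder
# parameter name, since the real PAL query parameters are not public.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status time-taken
2025-09-10 08:01:12 10.0.0.5 GET /PAL/SearchPopularDocs.aspx q=budget 443 - 203.0.113.7 Mozilla/5.0 200 31
2025-09-10 08:01:40 10.0.0.5 GET /PAL/SearchPopularDocs.aspx q=budget%27+OR+1%3D1-- 443 - 198.51.100.23 python-requests/2.32 200 118
2025-09-10 08:02:03 10.0.0.5 GET /PAL/SearchPopularDocs.aspx q=x%27+UNION+SELECT+name%2C2+FROM+sysobjects-- 443 - 198.51.100.23 python-requests/2.32 500 902
2025-09-10 08:02:15 10.0.0.5 GET /PAL/Home.aspx - 443 - 203.0.113.7 Mozilla/5.0 200 12
2025-09-10 08:02:30 10.0.0.5 GET /PAL/SearchPopularDocs.aspx q=O%27Brien+report 443 - 203.0.113.9 Mozilla/5.0 200 27
"""

TARGET_PAGE = "searchpopulardocs.aspx"

# Patterns that are rare in legitimate search terms but common in SQLi probes.
# A lone apostrophe (O'Brien) is deliberately not enough to trigger a hit.
SQLI_PATTERNS = [
    re.compile(r"'\s*(or|and)\s+\S+\s*=\s*\S+", re.I),          # ' OR 1=1
    re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I),          # UNION SELECT
    re.compile(r";\s*(drop|delete|update|insert|exec|xp_)\w*", re.I),  # stacked
    re.compile(r"--|/\*|\bwaitfor\s+delay\b|\bsleep\s*\(", re.I),  # comments, time-based
]


def parse_w3c(text):
    """Parse W3C extended log text into one dict per request, keyed by #Fields."""
    fields, rows = None, []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line.startswith("#") or not line.strip():
            continue
        elif fields:
            rows.append(dict(zip(fields, line.split())))
    return rows


def classify(row):
    """Return the matching pattern strings for a request to the target page, else None."""
    page = row.get("cs-uri-stem", "").lower().rsplit("/", 1)[-1]
    if page != TARGET_PAGE:
        return None
    query = row.get("cs-uri-query", "-")
    if query == "-":
        return None
    decoded = unquote_plus(query)  # IIS logs the raw, still-encoded query string
    hits = [p.pattern for p in SQLI_PATTERNS if p.search(decoded)]
    return hits or None


def find_suspicious(text):
    """Return (client ip, time, decoded query, status) for each suspicious request."""
    findings = []
    for row in parse_w3c(text):
        if classify(row):
            findings.append(
                (row["c-ip"], row["time"], unquote_plus(row["cs-uri-query"]), row["sc-status"])
            )
    return findings


if __name__ == "__main__":
    for ip, when, query, status in find_suspicious(SAMPLE_LOG):
        print(f"{when} {ip} status={status} {query}")
```

Run against the real IIS logs (by default under the inetpub LogFiles directory), the same logic flags the two probe requests and ignores both the ordinary search and the apostrophe in a legitimate name. A 500 status on a flagged request, as in the third sample line, is worth special attention because error-based injection commonly produces server errors while the attacker is mapping the schema.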


Technical Details

Data Version: 5.1
Assigner Short Name: cisa-cg
Date Reserved: 2025-09-02T21:00:53.965Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68c09a1b9ed239a66bacd6e0

Added to database: 9/9/2025, 9:20:27 PM

Last enriched: 9/9/2025, 9:35:24 PM

Last updated: 9/9/2025, 10:05:27 PM
