CVE-2025-59742: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in AndSoft e-TMS
SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete database contents by sending a crafted POST request in which the 'USRMAIL' parameter of '/inc/login/TRACK_REQUESTFRMSQL.ASP' carries the injected SQL.
AI Analysis
Technical Summary
CVE-2025-59742 is a critical SQL injection vulnerability in AndSoft's e-TMS version 25.03. The 'USRMAIL' parameter of a POST request to '/inc/login/TRACK_REQUESTFRMSQL.ASP' is incorporated into an SQL statement without being neutralized (CWE-89), so a crafted value can change the statement the database executes. The page sits under the login path and is reachable before authentication, which matches the CVSS 4.0 vector: network attack vector (AV:N), no privileges required (PR:N), no user interaction (UI:N) and high impact on confidentiality, integrity and availability (VC:H/VI:H/VA:H), for a base score of 9.3. The published description says the attacker can retrieve, create, update and delete database content; how far that reaches in a given deployment depends on the privileges of the database account the application connects with and on whether the database driver accepts stacked statements. The endpoint is a Classic ASP page, and in such applications the usual root cause is a query built by string concatenation rather than through parameterized commands, although the advisory does not state the root cause. No exploits have been reported in the wild, but SQL injection in an unauthenticated endpoint is easy to find and automate, and no patch was available at the time of publication, so mitigation is urgent.
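The following is an added illustration of the CWE-89 pattern described above, not code from AndSoft's e-TMS. The real query behind '/inc/login/TRACK_REQUESTFRMSQL.ASP' is not public, so the table name, column names and user rows are constructed assumptions; the point is to show, on a local SQLite database, how a quote in 'USRMAIL' rewrites a concatenated query and why the parameterized form is immune.

```python
"""Vulnerable vs. parameterized lookup of a 'USRMAIL' value.

Added example, not AndSoft code. Table, columns and rows are constructed
assumptions so the two query-building patterns can be compared locally.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: a few hypothetical e-TMS user records."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, usrmail TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (usrmail, role) VALUES (?, ?)",
        [
            ("alice@example.test", "dispatcher"),
            ("bob@example.test", "driver"),
            ("carol@example.test", "admin"),
        ],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, usrmail: str) -> list:
    """CWE-89 pattern: the parameter is pasted into the SQL text.

    A single quote in USRMAIL terminates the string literal and everything
    after it is parsed as SQL, so the caller's value controls the WHERE clause.
    """
    sql = "SELECT id, usrmail, role FROM users WHERE usrmail = '" + usrmail + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, usrmail: str) -> list:
    """Hardened form: the value is bound as data and cannot alter the query."""
    sql = "SELECT id, usrmail, role FROM users WHERE usrmail = ?"
    return conn.execute(sql, (usrmail,)).fetchall()


# Constructed payload: closes the literal, then ORs in a tautology. The quote
# the vulnerable code appends at the end closes the tautology's last literal:
#   WHERE usrmail = 'x' OR '1'='1'
PAYLOAD = "x' OR '1'='1"


def demo() -> dict:
    """Row counts for a normal value and for the payload, both code paths."""
    conn = make_db()
    return {
        "vuln_normal": len(lookup_vulnerable(conn, "bob@example.test")),
        "vuln_payload": len(lookup_vulnerable(conn, PAYLOAD)),
        "safe_normal": len(lookup_parameterized(conn, "bob@example.test")),
        "safe_payload": len(lookup_parameterized(conn, PAYLOAD)),
    }


if __name__ == "__main__":
    for name, count in demo().items():
        print(f"{name}: {count} row(s)")
```

With the payload, the concatenated query returns every user row (the tautology matches all three), while the parameterized query returns none because it looks for a user whose address literally equals the payload string. Stacked statements (a `;` followed by `UPDATE` or `DROP`) are not shown here because Python's sqlite3 refuses more than one statement per `execute`; whether they work against a real deployment depends on the database driver, which is why the advisory's "create, update, and delete" impact should be assumed until the vendor says otherwise.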
Potential Impact
For European organizations running AndSoft e-TMS v25.03 the risk is severe. An attacker who can read and alter the database can exfiltrate customer, shipment and supply-chain data, corrupt or delete records, and disrupt transportation management operations, with direct financial and reputational consequences. Because the flaw is reachable remotely without credentials, Internet-exposed instances can be attacked at scale, and unauthorized access to or alteration of personal data may constitute a personal data breach under GDPR, with the notification obligations that follow. No exploitation in the wild has been reported so far, which leaves a window for defensive measures, but a pre-authentication SQL injection in a login path is a prime target for automated scanning once details circulate.
Mitigation Recommendations
1. Until a vendor fix is available, restrict access to '/inc/login/TRACK_REQUESTFRMSQL.ASP' at the network edge (IP allow-lists, VPN) and place a WAF in front of it with SQL injection rules that inspect the POST body, since 'USRMAIL' is sent in the body rather than the query string. Treat the WAF as a stopgap, not a fix.
2. The real fix belongs in the application code: pass 'USRMAIL' to the database through parameterized queries or prepared statements so it is always treated as data, never concatenated into SQL text, and validate it before use (the parameter name suggests an e-mail address). Customers cannot change the vendor's code, so this is what to expect from AndSoft's patch.
3. Monitor for exploitation attempts: POST requests to the endpoint from unexpected sources, bursts from a single client, and HTTP 500 responses, which an injected quote that breaks the SQL syntax commonly produces. Note that IIS W3C logs do not record POST bodies by default, so the parameter value itself is visible only in WAF or request-body logs.
4. Engage with AndSoft for an official patch; if none is available, disable the affected functionality where operations allow.
5. Review all input handling in the e-TMS deployment for similar flaws, and check the database account the application connects with: it should not hold rights to create or drop databases or tables, which limits what any injection can do.
6. Brief IT and security teams on this vulnerability so exploitation attempts are recognized and handled quickly.
7. For organizations with compliance obligations, document the mitigation steps taken and monitor for data integrity issues.
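The following is an added example of the monitoring in item 3, not part of the advisory or of any AndSoft tooling. The IIS W3C log lines are constructed for this illustration. Because IIS does not log POST bodies by default, the script works from what is visible in the access log (who POSTs to the endpoint, how often, and whether the server answered 500) and adds a separate check for 'USRMAIL' values that only applies where a WAF or request-body log makes the value available.

```python
"""Triage of IIS W3C log lines for probes against TRACK_REQUESTFRMSQL.ASP.

Added example; the log sample is constructed, not captured from a real host.
"""
import re
from collections import Counter, defaultdict

# IIS URL paths are case-insensitive, so the stem is compared in lower case.
ENDPOINT = "/inc/login/track_requestfrmsql.asp"

# Constructed W3C extended log sample: a #Fields header plus a few entries.
# Client 203.0.113.9 hammers the endpoint and triggers two 500s, which is the
# pattern a quote that breaks the SQL syntax tends to leave behind.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port c-ip cs(User-Agent) sc-status time-taken
2025-10-02 14:01:03 10.0.0.5 POST /inc/login/TRACK_REQUESTFRMSQL.ASP - 443 198.51.100.7 Mozilla/5.0 200 31
2025-10-02 14:01:05 10.0.0.5 POST /inc/login/TRACK_REQUESTFRMSQL.ASP - 443 203.0.113.9 python-requests/2.32 500 12
2025-10-02 14:01:05 10.0.0.5 POST /inc/login/TRACK_REQUESTFRMSQL.ASP - 443 203.0.113.9 python-requests/2.32 500 11
2025-10-02 14:01:06 10.0.0.5 POST /inc/login/track_requestfrmsql.asp - 443 203.0.113.9 python-requests/2.32 200 540
2025-10-02 14:01:06 10.0.0.5 POST /inc/login/TRACK_REQUESTFRMSQL.ASP - 443 203.0.113.9 python-requests/2.32 200 535
2025-10-02 14:01:09 10.0.0.5 GET /inc/login/default.asp - 443 198.51.100.7 Mozilla/5.0 200 8
2025-10-02 14:01:12 10.0.0.5 POST /inc/login/TRACK_REQUESTFRMSQL.ASP - 443 203.0.113.9 python-requests/2.32 200 530
"""


def parse_w3c(text: str) -> list:
    """Parse W3C extended log text into dicts keyed by the #Fields header."""
    fields, rows = None, []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line.startswith("#") or not line.strip():
            continue  # other directives and blank lines
        elif fields:
            parts = line.split()
            if len(parts) == len(fields):
                rows.append(dict(zip(fields, parts)))
    return rows


def endpoint_posts(rows: list) -> list:
    """POST requests whose path is the vulnerable endpoint."""
    return [
        r for r in rows
        if r["cs-method"] == "POST" and r["cs-uri-stem"].lower() == ENDPOINT
    ]


def triage(rows: list, burst_threshold: int = 3) -> dict:
    """Clients with 5xx responses on the endpoint, and clients above a request burst."""
    hits = endpoint_posts(rows)
    per_client = Counter(r["c-ip"] for r in hits)
    errors = defaultdict(int)
    for r in hits:
        if r["sc-status"].startswith("5"):
            errors[r["c-ip"]] += 1
    return {
        "total_posts": len(hits),
        "server_errors": dict(errors),
        "bursting_clients": sorted(
            ip for ip, n in per_client.items() if n >= burst_threshold
        ),
    }


# Only usable where the request body is available (WAF or request-body log).
# A legitimate USRMAIL should look like an address; quotes, ';', '--' and '/*'
# have no business in one. Keyword lists ('or', 'select') are deliberately
# avoided because they misfire on real mailbox names.
EMAIL_RE = re.compile(r"""[^\s@'";]+@[^\s@'";]+\.[^\s@'";]+""")
SQL_META = re.compile(r"['\";]|--|/\*")


def suspicious_usrmail(value: str) -> bool:
    """True if a USRMAIL value is not address-shaped or carries SQL metacharacters."""
    return EMAIL_RE.fullmatch(value) is None or SQL_META.search(value) is not None


if __name__ == "__main__":
    print(triage(parse_w3c(SAMPLE_LOG)))
    for v in ("bob@example.test", "x' OR '1'='1", "a@b.c UNION SELECT 1"):
        print(repr(v), "suspicious" if suspicious_usrmail(v) else "ok")
```

The burst threshold and the 5xx heuristic are tuning knobs, not signatures: a legitimate integration that polls the endpoint will also show up, so feed the output into existing alerting with the client's identity attached rather than blocking on it blindly. Where a WAF does log bodies, running `suspicious_usrmail` over the parameter value is a far more precise signal than anything the access log alone can give.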
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: INCIBE
- Date Reserved: 2025-09-19T11:43:12.302Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68de8a13d034459bbdfb0c6a
Added to database: 10/2/2025, 2:20:03 PM
Last enriched: 10/2/2025, 2:20:45 PM
Last updated: 10/2/2025, 6:07:22 PM