CVE-2025-6277: SQL Injection in Brilliance Golden Link Secondary System
A vulnerability classified as critical has been found in Brilliance Golden Link Secondary System up to 20250609. This affects an unknown part of the file /storagework/custTakeInfoPage.htm. The manipulation of the argument custTradeName leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
AI Analysis
Technical Summary
CVE-2025-6277 is a SQL injection vulnerability in the Brilliance Golden Link Secondary System, affecting versions up to 20250609. The flaw lies in the handling of the 'custTradeName' parameter in the file /storagework/custTakeInfoPage.htm: an attacker can remotely manipulate this parameter to inject SQL code, potentially compromising the backend database. No user interaction is required. The CVSS 4.0 base score is 5.3 (medium severity): the attack vector is network-based and needs no user interaction, but low privileges are required (PR:L), and the impact on confidentiality, integrity, and availability is rated low. No known exploits are currently reported in the wild. The lack of patch links suggests that a fix may not yet be publicly available or disclosed. An attacker could read or modify limited data within the database, leading to unauthorized data access or manipulation, but the scope and scale of impact are bounded by the low confidentiality, integrity, and availability ratings in the CVSS vector.
Potential Impact
For European organizations using the Brilliance Golden Link Secondary System, this vulnerability poses a moderate risk. SQL injection can lead to unauthorized data access or modification, which may compromise sensitive customer or business data. Given the medium severity and low impact ratings, the threat is unlikely to cause widespread system outages or critical data breaches but could still result in data integrity issues or partial data disclosure. Organizations in sectors with strict data protection regulations, such as finance, healthcare, or critical infrastructure, may face compliance risks if exploited. Because the attack can be launched remotely, the risk of exploitation rises if the system is exposed to the internet or poorly segmented within internal networks. The low-privilege requirement (PR:L) suggests that some form of authentication or limited access is needed, which may reduce the attack surface if proper access controls are in place.
Mitigation Recommendations
- Implement strict input validation and parameterized queries or prepared statements for the 'custTradeName' parameter to prevent SQL injection.
- Restrict network access to the Brilliance Golden Link Secondary System, ensuring it is not directly exposed to untrusted networks or the internet.
- Apply network segmentation and firewall rules to limit access to the vulnerable system only to authorized users and systems.
- Monitor logs for unusual or suspicious SQL queries or access patterns related to the custTakeInfoPage.htm endpoint.
- If available, apply vendor patches or updates promptly once released; in the absence of patches, consider temporary workarounds such as web application firewalls (WAF) with custom rules to block malicious SQL injection payloads targeting the custTradeName parameter.
- Conduct regular security assessments and penetration testing focused on injection vulnerabilities in the affected system.
- Enforce the principle of least privilege for accounts accessing the system to minimize potential damage from exploitation.
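While no vendor patch is available, the log monitoring recommended above can start from the web server's access logs. The following is an added example, not code from the vendor or from this advisory: it assumes combined-log-format access logs and a heuristic indicator set, and the function name `suspicious_requests` and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

ENDPOINT = "/storagework/custTakeInfoPage.htm"  # path named in the advisory
PARAM = "custTradeName"                         # parameter named in the advisory

# Combined-log-format request line (assumption: adjust to your server's format).
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Heuristic indicators for triage, not proof of exploitation: a legitimate
# trade name containing an apostrophe will also trip "quote".
INDICATORS = {
    "quote": re.compile(r"['\"]"),
    "comment": re.compile(r"--|/\*"),
    "stacked": re.compile(r";"),
    "keyword": re.compile(
        r"\b(?:union\s+(?:all\s+)?select|select\b.+\bfrom\b|sleep\s*\(|"
        r"waitfor\s+delay|or\s+\d+\s*=\s*\d+)", re.I),
}

def suspicious_requests(lines):
    """Return (ip, timestamp, status, decoded value, reasons) per flagged request."""
    hits = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if url.path != ENDPOINT:
            continue
        # parse_qs percent-decodes, so encoded quotes and comments are seen.
        for value in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
            reasons = sorted(n for n, rx in INDICATORS.items() if rx.search(value))
            if reasons:
                hits.append((m["ip"], m["ts"], int(m["status"]), value, reasons))
    return hits

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [23/Jun/2025:10:00:01 +0000] "GET /storagework/custTakeInfoPage.htm?custTradeName=Acme+Logistics HTTP/1.1" 200 5120',
    '198.51.100.7 - - [23/Jun/2025:10:00:05 +0000] "GET /storagework/custTakeInfoPage.htm?custTradeName=x%27+OR+1%3D1--+ HTTP/1.1" 200 48211',
    '198.51.100.7 - - [23/Jun/2025:10:00:09 +0000] "GET /storagework/other.htm?custTradeName=x%27 HTTP/1.1" 200 300',
]
```

Access logs record only the query string, so if the application submits custTradeName in a POST body, the same check has to run on request bodies captured at a WAF or reverse proxy.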
Affected Countries
Germany, France, Italy, Spain, United Kingdom, Netherlands, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-06-19T06:48:24.083Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 6859ad500112634db704105b
Added to database: 6/23/2025, 7:38:56 PM
Last enriched: 6/23/2025, 7:41:17 PM
Last updated: 8/3/2025, 10:39:34 PM