CVE-2025-7873 is a SQL Injection vulnerability identified in Metasoft 美特软件's MetaCRM product, specifically affecting versions up to 6.4.2. The vulnerability resides in an unspecified functionality within the mcc_login.jsp file, where the 'workerid' parameter is improperly sanitized, allowing an attacker to inject malicious SQL code. This flaw can be exploited remotely without requiring user interaction or authentication, making it a significant risk. The vulnerability has been publicly disclosed, and although the vendor was notified early, no response or patch has been issued to date. The CVSS 4.0 base score is 5.3 (medium severity), reflecting the attack vector as network-based with low complexity and no privileges or user interaction needed. The impact on confidentiality, integrity, and availability is rated low individually but collectively can lead to unauthorized data access or manipulation. The absence of vendor mitigation increases the risk of exploitation, especially since the exploit details are publicly available. The vulnerability affects CRM systems that often contain sensitive customer and business data, making it a critical concern for organizations relying on MetaCRM for customer relationship management and business operations.

For European organizations using MetaCRM versions up to 6.4.2, this vulnerability poses a tangible risk of unauthorized data access or modification via SQL Injection. CRM systems typically store sensitive personal data, including customer identities, contact details, transaction histories, and potentially financial information. Exploitation could lead to data breaches violating GDPR requirements, resulting in regulatory penalties and reputational damage. Additionally, attackers could manipulate or corrupt CRM data, disrupting business processes and customer relations. The remote and unauthenticated nature of the exploit increases the likelihood of attacks, especially in environments where MetaCRM is exposed to the internet or insufficiently segmented. The lack of vendor response and patch availability further exacerbates the risk, forcing organizations to consider alternative mitigations or temporary workarounds. Overall, the vulnerability could undermine data confidentiality, integrity, and availability, impacting compliance, operational continuity, and customer trust within European enterprises.

Given the absence of an official patch, European organizations should implement immediate compensating controls. First, restrict external access to MetaCRM instances by enforcing network segmentation and firewall rules to limit access to trusted internal IP addresses only. Second, deploy Web Application Firewalls (WAFs) with custom rules to detect and block SQL Injection patterns targeting the 'workerid' parameter in mcc_login.jsp. Third, conduct thorough input validation and sanitization at the application or proxy level if possible, to filter malicious inputs before they reach the backend. Fourth, monitor logs for suspicious activity related to SQL errors or unusual queries originating from the vulnerable endpoint. Fifth, consider temporarily disabling or restricting the vulnerable functionality if feasible without disrupting critical operations. Finally, maintain heightened awareness and prepare incident response plans for potential exploitation attempts. Organizations should also engage with Metasoft for updates and plan for timely patch deployment once available.