
CVE-2025-8219: SQL Injection in Shanghai Lingdang Information Technology Lingdang CRM

Medium
Published: Sun Jul 27 2025 (07/27/2025, 02:02:04 UTC)
Source: CVE Database V5
Vendor/Project: Shanghai Lingdang Information Technology
Product: Lingdang CRM

Description

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. It has been rated as critical. This issue affects some unknown processing of the file /crm/crmapi/erp/tabdetail_moduleSave_dxkp.php of the component HTTP POST Request Handler. The manipulation of the argument getvaluestring leads to sql injection. The attack may be initiated remotely. Upgrading to version 8.6.5.2 is able to address this issue. It is recommended to upgrade the affected component. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+. We strongly advise all customers to upgrade to the current version (v8.6.5.2), which includes this fix and additional security enhancements."

AI-Powered Analysis

Last updated: 07/27/2025, 03:02:56 UTC

Technical Analysis

CVE-2025-8219 is a SQL Injection vulnerability identified in Shanghai Lingdang Information Technology's Lingdang CRM software versions up to 8.6.4.7. The vulnerability resides in the HTTP POST request handler for the endpoint /crm/crmapi/erp/tabdetail_moduleSave_dxkp.php, specifically in the processing of the 'getvaluestring' parameter. An attacker can manipulate this parameter to inject malicious SQL code, potentially allowing unauthorized access to or modification of the backend database. The vulnerability is exploitable remotely without user interaction and requires low privileges (PR:L), indicating that an attacker with limited access could exploit it. The vendor has addressed this issue in version 8.6.5.2 by implementing parameterized queries and input sanitization to eliminate SQL injection vectors. The CVSS 4.0 base score is 5.3 (medium severity), reflecting moderate impact on confidentiality, integrity, and availability, with no authentication or user interaction required. No known exploits are currently reported in the wild. This vulnerability could allow attackers to extract sensitive customer data, alter CRM records, or disrupt CRM operations, which are critical functions in customer relationship management systems.

Potential Impact

For European organizations using Lingdang CRM, this vulnerability poses a significant risk to the confidentiality and integrity of customer and business data. Successful exploitation could lead to unauthorized data disclosure, data tampering, or denial of service affecting CRM availability. Given that CRM systems often contain sensitive personal data subject to GDPR, exploitation could result in regulatory non-compliance, financial penalties, and reputational damage. The ability to exploit remotely without user interaction increases the risk of automated attacks or exploitation by external threat actors. Disruption or compromise of CRM data could impact sales, customer support, and business continuity. Organizations relying on Lingdang CRM for critical customer management functions must consider this vulnerability a priority for remediation to avoid operational and compliance risks.

Mitigation Recommendations

European organizations should immediately upgrade Lingdang CRM installations to version 8.6.5.2 or later, which includes patches for all SQL injection vectors and additional security enhancements. Until the upgrade is applied, organizations should implement strict input validation and sanitization at the web application firewall (WAF) or reverse proxy level to block malicious payloads targeting the 'getvaluestring' parameter. Monitoring and logging HTTP POST requests to the affected endpoint should be enhanced to detect suspicious activity. Access controls should be reviewed to limit exposure of the vulnerable endpoint to trusted networks or authenticated users where possible. Regular vulnerability scanning and penetration testing should be conducted to verify the absence of injection flaws. Additionally, organizations should ensure that database accounts used by the CRM have the minimum necessary privileges to limit potential damage from exploitation.
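As an added illustration of the monitoring step above (not code from the advisory or the vendor), the following Python triage script flags POST requests to the affected endpoint whose getvaluestring value carries SQL syntax, while letting a lone apostrophe in a customer name pass. It assumes a reverse proxy or WAF that logs request bodies as JSON lines; that log format, the field names and the sample records are all constructed for the example.

```python
import json
import re
from urllib.parse import parse_qs

# Endpoint and parameter named in the advisory for CVE-2025-8219.
AFFECTED_PATH = "/crm/crmapi/erp/tabdetail_moduleSave_dxkp.php"
AFFECTED_PARAM = "getvaluestring"

# Independent SQL-syntax indicators; a finding needs MIN_SCORE distinct classes, so "O'Brien" alone passes.
INDICATORS = {
    "quote": re.compile(r"['\"`]"),
    "keyword": re.compile(r"(?i)\b(union|select|insert|update|delete|drop|sleep|benchmark)\b"),
    "boolean": re.compile(r"(?i)\b(or|and)\b\s+\S+\s*=\s*\S+"),
    "comment": re.compile(r"--|/\*"),
}
MIN_SCORE = 2

def check_request(record: dict):
    """Finding dict for a POST to the affected endpoint whose getvaluestring
    value trips >= MIN_SCORE indicator classes; None otherwise."""
    if record.get("method") != "POST" or record.get("path") != AFFECTED_PATH:
        return None
    params = parse_qs(record.get("body", ""), keep_blank_values=True)
    for value in params.get(AFFECTED_PARAM, []):
        hits = sorted(name for name, rx in INDICATORS.items() if rx.search(value))
        if len(hits) >= MIN_SCORE:
            return {"ts": record.get("ts"), "src": record.get("src"),
                    "value": value, "indicators": hits}
    return None

def scan_log(lines):
    """Run check_request over JSON-lines proxy records, skipping unparsable lines."""
    findings = []
    for line in lines:
        if not line.strip():
            continue
        try:
            finding = check_request(json.loads(line))
        except json.JSONDecodeError:
            continue  # malformed line: skip rather than abort the whole scan
        if finding:
            findings.append(finding)
    return findings

# Constructed sample records from a hypothetical reverse proxy that logs bodies.
SAMPLE_LOG = """
{"ts":"2025-07-27T02:10:01Z","src":"198.51.100.4","method":"POST","path":"/crm/crmapi/erp/tabdetail_moduleSave_dxkp.php","body":"getvaluestring=Acme+Ltd&module=Accounts"}
{"ts":"2025-07-27T02:10:05Z","src":"198.51.100.9","method":"POST","path":"/crm/crmapi/erp/tabdetail_moduleSave_dxkp.php","body":"getvaluestring=O%27Brien&module=Contacts"}
{"ts":"2025-07-27T02:11:30Z","src":"203.0.113.7","method":"POST","path":"/crm/crmapi/erp/tabdetail_moduleSave_dxkp.php","body":"getvaluestring=%27+OR+1%3D1+--+&module=Leads"}
"""
```

Running scan_log over SAMPLE_LOG.splitlines() returns a single finding for the 203.0.113.7 record; the indicator list in each finding tells the reviewer which classes fired, so thresholds can be tuned against the organisation's own traffic.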


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-07-26T08:53:23.642Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 6885934ead5a09ad006c6164

Added to database: 7/27/2025, 2:47:42 AM

Last enriched: 7/27/2025, 3:02:56 AM

Last updated: 7/31/2025, 12:34:33 AM
