CVE-2025-8219: SQL Injection in Shanghai Lingdang Information Technology Lingdang CRM
A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. It has been rated as critical. This issue affects some unknown processing of the file /crm/crmapi/erp/tabdetail_moduleSave_dxkp.php of the component HTTP POST Request Handler. The manipulation of the argument getvaluestring leads to SQL injection. The attack may be initiated remotely. Upgrading to version 8.6.5.2 addresses this issue. It is recommended to upgrade the affected component. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+. We strongly advise all customers to upgrade to the current version (v8.6.5.2), which includes this fix and additional security enhancements."
AI Analysis
Technical Summary
CVE-2025-8219 is a SQL injection vulnerability in Shanghai Lingdang Information Technology's Lingdang CRM, affecting versions up to and including 8.6.4.7. The flaw sits in the HTTP POST request handler implemented by /crm/crmapi/erp/tabdetail_moduleSave_dxkp.php: the 'getvaluestring' parameter is not properly validated or escaped before it reaches the database query, so a remote attacker can inject SQL through a crafted POST body. According to the CVSS 4.0 metrics cited (network attack vector, low attack complexity, no privileges, no user interaction), neither authentication nor user interaction is needed. Successful exploitation can expose, alter or delete data in the CRM's underlying database. Note that the two ratings on this page come from different scales: the VulDB description calls the issue "critical", while the CVSS 4.0 base score is 5.3 (medium), the score being held down by the limited confidentiality, integrity and availability impact assigned. The vendor states that version 8.6.5 and later replace the affected queries with parameterized queries and add input sanitization, and recommends upgrading to 8.6.5.2; the advisory does not document which other inputs were involved, so the statement that "all" injection vectors are fixed is the vendor's claim. No exploit is reported in the wild at the time of writing, but the endpoint is reachable remotely and CRM data is sensitive, so unpatched, internet-exposed instances carry real risk.
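The following is an added illustration, not code from Lingdang CRM or from the advisory. The real query behind tabdetail_moduleSave_dxkp.php is not disclosed, so the table, column and query shape below are assumptions; the point is to show why splicing the POST parameter getvaluestring into SQL text is exploitable and why the vendor's stated fix (parameterized queries) closes it. SQLite stands in for the CRM's database.

```python
import sqlite3
from urllib.parse import parse_qs

# Constructed stand-in for the CRM database; the real schema is not known.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE tab_detail (id INTEGER, module TEXT, value TEXT)")
    conn.executemany(
        "INSERT INTO tab_detail VALUES (?, ?, ?)",
        [(1, "erp", "public"), (2, "erp", "secret-a"), (3, "sales", "secret-b")],
    )
    return conn

def lookup_vulnerable(conn, getvaluestring):
    """Hypothetical pre-fix handler: the parameter is spliced into the SQL text,
    so quote characters in it change the query's structure."""
    sql = "SELECT id FROM tab_detail WHERE value = '" + getvaluestring + "'"
    return [row[0] for row in conn.execute(sql)]

def lookup_fixed(conn, getvaluestring):
    """Hardened handler: the parameter travels as a bound value and is never
    interpreted as SQL, whatever characters it contains."""
    sql = "SELECT id FROM tab_detail WHERE value = ?"
    return [row[0] for row in conn.execute(sql, (getvaluestring,))]

def handle_post(conn, body, fixed):
    """Parse an x-www-form-urlencoded POST body and dispatch to one handler."""
    params = parse_qs(body, keep_blank_values=True)
    value = params.get("getvaluestring", [""])[0]
    return (lookup_fixed if fixed else lookup_vulnerable)(conn, value)

# Constructed request bodies. The second decodes to: x' OR '1'='1
BENIGN = "getvaluestring=public"
MALICIOUS = "getvaluestring=x%27+OR+%271%27%3D%271"

if __name__ == "__main__":
    conn = build_db()
    print(handle_post(conn, BENIGN, fixed=False))     # [1]
    print(handle_post(conn, MALICIOUS, fixed=False))  # [1, 2, 3]: tautology leaks every row
    print(handle_post(conn, MALICIOUS, fixed=True))   # []: the payload is just a string
```

The tautology payload turns `WHERE value = 'x'` into `WHERE value = 'x' OR '1'='1'` and returns every row; under the parameterized query the same bytes match nothing. Escaping alone (the "input sanitization" the vendor also mentions) is weaker than binding because it has to be applied correctly at every call site, which is exactly what went wrong here.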
Potential Impact
For European organizations using Lingdang CRM versions prior to 8.6.5.2, this vulnerability poses a risk of unauthorized database access, potentially exposing sensitive customer data, sales records, and internal business information. Compromise of CRM data can lead to reputational damage, regulatory non-compliance (e.g., GDPR violations), and financial losses. Attackers could manipulate or delete critical business data, disrupt CRM operations, or pivot to other internal systems. Given the remote exploitability without authentication, attackers can target exposed CRM instances over the internet, increasing the risk of widespread exploitation. The medium CVSS score suggests limited but non-negligible impact; however, the strategic importance of CRM systems in customer relationship management and business continuity elevates the threat's significance for European enterprises.
Mitigation Recommendations
European organizations should upgrade Lingdang CRM to version 8.6.5.2 or later; this is the only complete fix. Until the upgrade is done: restrict inbound access to the CRM to trusted IP ranges or VPN users, and in particular do not leave /crm/crmapi/erp/ reachable from the internet (authentication is not a mitigation, since the CVSS metrics cited indicate none is required). Configure the web application firewall with a rule for POST requests to /crm/crmapi/erp/tabdetail_moduleSave_dxkp.php that URL-decodes the body and flags SQL metacharacters and keywords in the getvaluestring parameter; decoding matters, because payloads are routinely double-encoded to slip past naive patterns. Review CRM and reverse-proxy logs for requests to that endpoint containing quotes, comment sequences or UNION/SLEEP-style keywords, and for unusually slow responses, which can indicate time-based blind injection. Check the database account the CRM uses: it should hold no privileges beyond the CRM schema, which limits what any injection can reach. Have the application's other POST parameters assessed for the same weakness, since the vendor's note that "all SQL injection vectors" were patched implies more than one existed. Back up the CRM database frequently and keep backups where a compromised web host cannot alter them, so data manipulation or deletion can be reversed. Brief IT and security teams on this vulnerability and watch for emerging exploit reports.
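An added example of the log review recommended above, written for this page and not part of the advisory or the product. It assumes a WAF or reverse-proxy audit log that records POST bodies as JSON lines with method, path and body fields (ordinary access logs do not capture bodies); the log lines, field names and indicator list are constructed here. It also goes slightly beyond the paragraph by decoding repeated URL encoding, since that is the usual evasion against a rule written for one encoding layer.

```python
import json
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Endpoint and parameter named in the advisory.
TARGET_PATH = "/crm/crmapi/erp/tabdetail_moduleSave_dxkp.php"
PARAM = "getvaluestring"

# Indicator patterns applied to the decoded, lower-cased parameter value.
INDICATORS = [
    ("quote_break", re.compile(r"['\"]")),
    ("comment", re.compile(r"--|#|/\*")),
    ("tautology", re.compile(r"\bor\b\s*['\"]?\w*['\"]?\s*=\s*")),
    ("union_select", re.compile(r"\bunion\b.*\bselect\b")),
    ("time_based", re.compile(r"\b(sleep|benchmark|pg_sleep|waitfor)\b")),
    ("stacked", re.compile(r";\s*(select|insert|update|delete|drop)\b")),
]

def decode_fully(value, rounds=3):
    """Undo up to `rounds` layers of URL encoding so %2527-style double encoding is caught."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def analyze_request(method, path, body):
    """Return the sorted indicator names that fire for one request, [] if none."""
    if method.upper() != "POST" or urlsplit(path).path != TARGET_PATH:
        return []
    params = parse_qs(body, keep_blank_values=True)  # performs the first decode
    hits = set()
    for raw in params.get(PARAM, []):
        value = decode_fully(raw).lower()
        for name, pattern in INDICATORS:
            if pattern.search(value):
                hits.add(name)
    return sorted(hits)

def scan_log(lines):
    """Scan JSON-lines records; return (line_number, hits) for suspicious requests."""
    findings = []
    for i, line in enumerate(lines, 1):
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # tolerate non-JSON noise in the log
        hits = analyze_request(rec.get("method", ""), rec.get("path", ""), rec.get("body", ""))
        if hits:
            findings.append((i, hits))
    return findings

# Constructed sample log: one benign save, a tautology, a double-encoded
# time-based probe, a GET, and a POST to an unrelated path.
SAMPLE_LOG = [
    '{"method":"POST","path":"/crm/crmapi/erp/tabdetail_moduleSave_dxkp.php","body":"getvaluestring=ACME%20Ltd&module=erp"}',
    '{"method":"POST","path":"/crm/crmapi/erp/tabdetail_moduleSave_dxkp.php","body":"getvaluestring=x%27+OR+%271%27%3D%271"}',
    '{"method":"POST","path":"/crm/crmapi/erp/tabdetail_moduleSave_dxkp.php?x=1","body":"getvaluestring=1%2527%2520AND%2520SLEEP(5)--%2520"}',
    '{"method":"GET","path":"/crm/crmapi/erp/tabdetail_moduleSave_dxkp.php","body":""}',
    '{"method":"POST","path":"/crm/index.php","body":"getvaluestring=%27+OR+1%3D1"}',
    'not json at all',
]

if __name__ == "__main__":
    for line_no, hits in scan_log(SAMPLE_LOG):
        print(f"line {line_no}: {', '.join(hits)}")
```

Treat the output as triage input rather than a block list: a legitimate customer name such as O'Brien trips `quote_break` on its own, which is why the indicators are reported by name and the lower-noise ones (`time_based`, `union_select`, `stacked`) deserve attention first.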
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-07-26T08:53:23.642Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 6885934ead5a09ad006c6164
Added to database: 7/27/2025, 2:47:42 AM
Last enriched: 8/4/2025, 1:05:32 AM
Last updated: 9/13/2025, 11:03:03 AM
Related Threats
- CVE-2025-10371: Unrestricted Upload in eCharge Hardy Barth Salia PLCC (Medium)
- CVE-2025-10370: Cross Site Scripting in MiczFlor RPi-Jukebox-RFID (Medium)
- CVE-2025-10369: Cross Site Scripting in MiczFlor RPi-Jukebox-RFID (Medium)
- CVE-2025-10368: Cross Site Scripting in MiczFlor RPi-Jukebox-RFID (Medium)
- CVE-2025-10367: Cross Site Scripting in MiczFlor RPi-Jukebox-RFID (Medium)