cnvd - cnvd-2025-21549

CNVD-2025-21549

Vulnerability from cnvd - Published: 2025-09-18

Title

Lingdang CRM SQL注入漏洞

Description

Lingdang CRM（灵当CRM）是中国灵当（Lingdang）公司的一个客户关系管理系统。 Lingdang CRM存在SQL注入漏洞，该漏洞源于/crm/crmapi/erp/tabdetail_moduleSave.php文件getvaluestring参数操作不当，攻击者可利用该漏洞导致SQL注入。

Severity

中

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://www.notion.so/SQL2-2459bb66b0a5802ba8e9ca5bc775fc7d?source=copy_link

Reference

https://nvd.nist.gov/vuln/detail/CVE-2025-9140

Impacted products

Name
Shanghai Lingdang Information Technology Lingdang CRM <=8.6.4.7

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-9140",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-9140"
    }
  },
  "description": "Lingdang CRM\uff08\u7075\u5f53CRM\uff09\u662f\u4e2d\u56fd\u7075\u5f53\uff08Lingdang\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u5ba2\u6237\u5173\u7cfb\u7ba1\u7406\u7cfb\u7edf\u3002\n\nLingdang CRM\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e/crm/crmapi/erp/tabdetail_moduleSave.php\u6587\u4ef6getvaluestring\u53c2\u6570\u64cd\u4f5c\u4e0d\u5f53\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4SQL\u6ce8\u5165\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://www.notion.so/SQL2-2459bb66b0a5802ba8e9ca5bc775fc7d?source=copy_link",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-21549",
  "openTime": "2025-09-18",
  "products": {
    "product": "Shanghai Lingdang Information Technology Lingdang CRM \u003c=8.6.4.7"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-9140",
  "serverity": "\u4e2d",
  "submitTime": "2025-08-26",
  "title": "Lingdang CRM SQL\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2025-9140 (GCVE-0-2025-9140)

Vulnerability from cvelistv5 – Published: 2025-08-19 13:32 – Updated: 2025-08-28 17:15

Title

Shanghai Lingdang Information Technology Lingdang CRM tabdetail_moduleSave.php sql injection

Summary

A vulnerability was identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this issue is some unknown functionality of the file /crm/crmapi/erp/tabdetail_moduleSave.php. The manipulation of the argument getvaluestring leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Upgrading to version 8.6.5.4 can resolve this issue. The affected component should be upgraded. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+."

Severity ?

5.3 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

6.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

CWE

CWE-89 - SQL Injection
CWE-74 - Injection

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.320520	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.320520	signaturepermissions-required
	https://vuldb.com/?submit.628087	third-party-advisory
	https://www.notion.so/SQL2-2459bb66b0a5802ba8e9ca…	exploit

Impacted products

	Vendor	Product	Version
	Shanghai Lingdang Information Technology	Lingdang CRM	Affected: 8.6.4.0 Affected: 8.6.4.1 Affected: 8.6.4.2 Affected: 8.6.4.3 Affected: 8.6.4.4 Affected: 8.6.4.5 Affected: 8.6.4.6 Affected: 8.6.4.7 Unaffected: 8.6.5.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-9140",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-19T13:42:04.470487Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-19T13:42:35.904Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-08-28T17:15:34.419Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.exploit-db.com/exploits/52420"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Lingdang CRM",
          "vendor": "Shanghai Lingdang Information Technology",
          "versions": [
            {
              "status": "affected",
              "version": "8.6.4.0"
            },
            {
              "status": "affected",
              "version": "8.6.4.1"
            },
            {
              "status": "affected",
              "version": "8.6.4.2"
            },
            {
              "status": "affected",
              "version": "8.6.4.3"
            },
            {
              "status": "affected",
              "version": "8.6.4.4"
            },
            {
              "status": "affected",
              "version": "8.6.4.5"
            },
            {
              "status": "affected",
              "version": "8.6.4.6"
            },
            {
              "status": "affected",
              "version": "8.6.4.7"
            },
            {
              "status": "unaffected",
              "version": "8.6.5.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this issue is some unknown functionality of the file /crm/crmapi/erp/tabdetail_moduleSave.php. The manipulation of the argument getvaluestring leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Upgrading to version 8.6.5.4 can resolve this issue. The affected component should be upgraded. The vendor explains: \"All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+.\""
        },
        {
          "lang": "de",
          "value": "Eine Schwachstelle wurde in Shanghai Lingdang Information Technology Lingdang CRM bis 8.6.4.7 gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei /crm/crmapi/erp/tabdetail_moduleSave.php. Durch Manipulation des Arguments getvaluestring mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Ein Aktualisieren auf die Version 8.6.5.4 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 6.5,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "SQL Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-74",
              "description": "Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:32:06.591Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-320520 | Shanghai Lingdang Information Technology Lingdang CRM tabdetail_moduleSave.php sql injection",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.320520"
        },
        {
          "name": "VDB-320520 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.320520"
        },
        {
          "name": "Submit #628087 | Shanghai Lingdang Information Technology Lingdang CRM \u2264V8.6.4.3 SQL Injection",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.628087"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://www.notion.so/SQL2-2459bb66b0a5802ba8e9ca5bc775fc7d?source=copy_link"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-19T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-08-19T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-08-19T07:49:28.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Shanghai Lingdang Information Technology Lingdang CRM tabdetail_moduleSave.php sql injection"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-9140",
    "datePublished": "2025-08-19T13:32:06.591Z",
    "dateReserved": "2025-08-19T05:44:18.399Z",
    "dateUpdated": "2025-08-28T17:15:34.419Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2025-21549

CVE-2025-9140 (GCVE-0-2025-9140)

Tags

Sightings

Nomenclature