CVE-2025-2602
Published: 21 March 2025
Description
Adversaries may abuse legitimate extensible development features of servers to establish persistent access to systems.
Security Summary
CVE-2025-2602 is a critical SQL injection vulnerability in SourceCodester Kortex Lite Advocate Office Management System version 1.0. The issue resides in unknown code within the deactivate_reg.php file, where manipulation of the ID argument triggers the injection. It is remotely exploitable and has been assigned CWE-74 and CWE-89, with a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
An attacker with low privileges can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation allows limited impacts on confidentiality, integrity, and availability, potentially enabling unauthorized data access, modification, or disruption via SQL commands.
Advisories referenced on VulDB (ctiid.300586, id.300586, submit.517960) and a GitHub issue at Hefei-Coffee/cve/issues/11 detail the vulnerability, while the vendor site at sourcecodester.com hosts the affected software. No specific patches or mitigations are detailed in the available information.
The exploit has been publicly disclosed and may be in use by attackers.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQL injection vulnerability in public-facing web application (deactivate_reg.php) enables initial access via T1190 (Exploit Public-Facing Application), facilitates data collection from databases via T1213.006, and abuse of server software components for potential code execution via T1505.