Home / Vulnerability Intelligence / CVE-2025-62319

CVE-2025-62319 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: March 17, 2026

Application - SQL Injection

Published: March 16, 2026Updated: March 17, 2026Remote Exploitable

Overview

An application contains a boolean-based SQL injection caused by injection of Boolean conditions into SQL queries, letting attackers inject arbitrary SQL into backend configuration queries, exploit requires user input fields.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 3.1%(Probability of exploitation in next 30 days)

Impact

Attackers can inject arbitrary SQL, potentially leading to data disclosure or modification.

Mitigation

Update to the latest version or apply patches to sanitize SQL inputs.

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 16, 2026

🔴 CVE-2025-62319 - Critical (9.8) Boolean-Based SQL Injection is a type of blind SQL injection where an attacker manipulates SQL queries by injecting Boolean conditions (TRUE or FALSE) into application input fields. Instead of returning database errors or visible data, the applica... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-62319/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2025-62319
Severity: Critical
CVSS Score: 9.8
Type: sql_injection
Status: unconfirmed
EPSS: 3.1%
Social Posts: 1

CWE

CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

3.1%Probability of exploitation in the next 30 days