Home / Vulnerability Intelligence / CVE-2025-6577

CVE-2025-6577 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: May 12, 2026

Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website - SQL Injection

Published: May 12, 2026Updated: May 12, 2026Remote Exploitable

Overview

Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website < 4.5.001 contains a sql injection caused by improper neutralization of special elements in SQL commands, letting attackers execute arbitrary SQL queries remotely, exploit requires crafted input.

Severity & Score

Severity: Critical

CVSS Score: 9.8

EPSS Score: 3.1%(Probability of exploitation in next 30 days)

Impact

Attackers can execute arbitrary SQL commands, potentially leading to data disclosure, modification, or full database compromise.

Mitigation

Upgrade to version 4.5.001 or later.

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0222

Social Media Activity(2 posts)

TheHackerWire

@thehackerwire

May 12, 2026

🔴 CVE-2025-6577 - Critical (9.8) Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows SQL Injection. This issue affects E-Commerce Website: before 4.5.001. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-6577/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

May 12, 2026

View original post

Related Resources

Details

CVE ID: CVE-2025-6577
Severity: Critical
CVSS Score: 9.8
Type: sql_injection
Status: rejected
EPSS: 3.1%
Social Posts: 2

CWE

CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

3.1%Probability of exploitation in the next 30 days