CVE-2025-22214 Scanner - SQL Injection vulnerability in Landray EIS

Short Info

Level: Critical
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 13 days 23 hours
Scan only one: Domain, Subdomain, IPv4

Landray EIS is widely used in enterprise information systems to streamline workflows and document management processes. Developed predominantly for corporations, its purpose is to enhance efficiency and improve document handling within businesses. Companies use Landray EIS to manage documents, records, and communications across various departments. It's favored for its integrated approach and user-friendly interface. It is a popular choice among businesses seeking an all-encompassing document management solution. Users benefit from its centralized data handling capabilities, which aid in maintaining an organized and accessible document repository.

SQL Injection (SQLi) vulnerabilities allow attackers to manipulate back-end SQL queries, potentially leading to unauthorized data access. In the context of Landray EIS, this vulnerability arises from insufficient input sanitization on specific endpoints. Successful exploitation could lead to unauthorized actions on the database, including data manipulation and exfiltration. Exploitable SQLi can significantly impact data integrity and confidentiality within affected systems. Attackers can exploit these vulnerabilities by specially crafting payloads to manipulate database responses. High-severity SQLi can serve as a gateway to broader system compromise if not addressed promptly.

The vulnerability in Landray EIS involves the 'replyid' parameter of the URL path '/Message/fi_message_receiver.aspx'. Crafted input supplied in this parameter is not sanitized before it reaches the database, which makes the parameter susceptible to SQL injection. The payload used in the scan converts an MD5 hash value, behavior that is indicative of unsanitized string handling. The scan treats the endpoint as vulnerable when keywords such as "varchar" and "Landray" are returned in the HTTP response body. Their presence suggests that the raw SQL query structure and its results can be directly influenced by unauthorized input, causing unintended behavior.
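One way an asset owner can triage web server logs for requests to this endpoint, as an added example that is not part of the original page or of the S4E scanner. It assumes IIS W3C extended logs with the fields shown and that a legitimate 'replyid' is a short decimal identifier; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

# Path and parameter name are taken from the page.
TARGET_PATH = "/message/fi_message_receiver.aspx"
PARAM = "replyid"
# Assumption: a legitimate replyid is a short decimal identifier.
BENIGN = re.compile(r"\d{1,18}")

def parse_w3c(lines):
    """Yield dict rows from IIS W3C extended log lines, honouring #Fields."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split(" ")
            if len(parts) == len(fields):
                yield dict(zip(fields, parts))

def suspicious_requests(lines):
    """Return (client_ip, decoded replyid) for requests worth triaging."""
    hits = []
    for row in parse_w3c(lines):
        # IIS paths are case-insensitive, so compare in lower case.
        if row.get("cs-uri-stem", "").lower() != TARGET_PATH:
            continue
        query = row.get("cs-uri-query", "-")
        for key, value in parse_qsl(query, keep_blank_values=True):
            if key.lower() != PARAM:
                continue
            # Decode a second time so double-encoded values are also caught.
            decoded = unquote_plus(value)
            if not BENIGN.fullmatch(decoded):
                hits.append((row.get("c-ip", "?"), decoded))
    return hits

# Constructed sample log (not real traffic).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2025-01-10 08:00:01 10.0.0.5 GET /Message/fi_message_receiver.aspx replyid=1042 200
2025-01-10 08:00:07 203.0.113.9 GET /Message/fi_message_receiver.aspx replyid=1%27-- 500
2025-01-10 08:00:09 203.0.113.9 GET /message/FI_message_receiver.aspx ReplyId=7%2527 200
2025-01-10 08:00:12 10.0.0.6 GET /Default.aspx - 200
""".splitlines()

if __name__ == "__main__":
    for ip, value in suspicious_requests(SAMPLE_LOG):
        print(f"{ip} sent non-numeric replyid: {value!r}")
```

A hit is a lead for investigation rather than proof of compromise; correlate it with the response status and body size for the same request.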

If exploited, SQL Injection can lead to unauthorized database access, data leakage, and potentially, complete control over the application's data layer. Critical data could be stolen, altered, or deleted, severely impacting business operations. Such vulnerabilities undermine data integrity and can result in significant financial and reputational damage. Malicious actors could leverage this to impersonate users, modify permissions, or disrupt services. Continuous exploitation might lead to long-term data discrepancies and loss of customer trust, persisting even after initial attack surfaces are addressed.
