CNNVD-202509-1409 Information

CNNVD ID

CNNVD-202509-1409

Related CVE

CVE-2025-10095

• CNNVD Published: 2025-09-09

Description (Chinese)

SMSEagle是SMSEagle公司的一款用于发送和接收 SMS 消息的专业硬件 SMS 网关软件。 SMSEagle 6.11之前版本存在SQL注入漏洞，该漏洞源于用户输入清理不当，可能导致SQL注入攻击。

Description (English)

SMSEagle is a SMSEagle specialty hardware SMS gateway software for sending and receiving SMS messages. The previous version of SMSEagle 6.11 had an injection loophole in SQL, which stemmed from inappropriate user input clean-up and could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

SMSEagle

Published

2025-09-09

Last Modified

2026-02-24

References

https://cert.pl/en/posts/2025/08/CVE-2025-10095 https://www.smseagle.eu/security-advisory/resolved-sql-injection-in-smpp-component-of-smseagle-software-6-11/

Patch

https://www.smseagle.eu/security-advisory/resolved-sql-injection-in-smpp-component-of-smseagle-software-6-11/