CVE-2025-25181 Information

Description

A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter.

Reference

https://advantive.my.site.com/support/s/knowledge https://intezer.com/blog/research/xe-group-exploiting-zero-days/