SentinelOne

CVE-2025-24799: GLPI Asset Management SQLi Vulnerability

CVE-2025-24799 is a SQL injection vulnerability in GLPI asset management software that allows unauthenticated attackers to exploit the inventory endpoint. This article covers the technical details, affected versions, and mitigation.

CVE-2025-24799 Overview

GLPI is a free asset and IT management software package. An unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 10.0.18.

Critical Impact

This SQL injection vulnerability could allow unauthenticated users to execute arbitrary SQL commands, potentially leading to unauthorized data access and manipulation.

Affected Products

  • glpi-project glpi

Discovery Timeline

  • 2025-03-18 - CVE CVE-2025-24799 published to NVD
  • 2025-07-31 - Last updated in NVD database

Technical Details for CVE-2025-24799

Vulnerability Analysis

The vulnerability is a classic SQL injection that allows attackers to execute unauthorized SQL commands through the inventory endpoint of GLPI. It can be exploited to gain access to sensitive data without authentication.

Root Cause

Improper input validation in the inventory endpoint allows injection of malicious SQL commands.

Attack Vector

Network

```sql
-- Example exploitation query
SELECT * FROM users WHERE id = '1' OR '1'='1';
```

Detection Methods for CVE-2025-24799

Indicators of Compromise

  • Unusual database access patterns
  • Unexpected data modifications
  • Unauthorized access logs

Detection Strategies

Monitor database queries and requests to the inventory endpoint for anomalous patterns, in particular SQL keywords such as OR, AND and SELECT appearing in parameter values where the expected input (asset identifiers, names) would not contain them.
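As an added example (not part of this entry or of GLPI's own code), the following Python scans web-server access-log lines for requests to the inventory endpoint whose query parameters carry the keyword and tautology patterns described above, and records whether the caller was authenticated. The endpoint path is an assumed placeholder because the entry does not name it, and the log lines are constructed.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Placeholder: the entry does not name the inventory endpoint, so adjust this to your instance.
INVENTORY_PATH = "/front/inventory.php"

# Common Log Format: host ident authuser [time] "method target proto" status bytes
CLF = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+')

# Keyword and tautology shapes; word boundaries keep values like "monitor" from matching "OR".
KEYWORD = re.compile(r"\b(OR|AND|SELECT|UNION)\b", re.I)
TAUTOLOGY = re.compile(r"\b(OR|AND)\s+['\"]?\w+['\"]?\s*=\s*['\"]?\w+", re.I)
COMMENT = re.compile(r"--|/\*|#")

def suspicious_reasons(value: str) -> list[str]:
    """Explain why a URL-decoded parameter value looks injected (empty if it does not)."""
    reasons = []
    if TAUTOLOGY.search(value):
        reasons.append("tautology")
    keywords = sorted({m.group(1).upper() for m in KEYWORD.finditer(value)})
    if len(keywords) >= 2:
        reasons.append("keywords:" + ",".join(keywords))
    if keywords and COMMENT.search(value):
        reasons.append("comment-sequence")
    return reasons

def scan_log(lines, path=INVENTORY_PATH):
    """Flag requests to the given endpoint whose query parameters look injected."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue
        host, user, when, _method, target, _status = m.groups()
        url = urlsplit(target)
        if url.path != path:
            continue
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            reasons = suspicious_reasons(value)
            if reasons:  # authuser "-" in CLF means no authenticated session
                hits.append({"host": host, "time": when, "param": name,
                             "authenticated": user != "-", "reasons": reasons})
    return hits

# Constructed sample lines, not taken from any real GLPI deployment.
SAMPLE_LOG = [
    '10.0.0.5 - - [18/Mar/2025:10:01:02 +0000] "GET /front/inventory.php?action=list&name=monitor HTTP/1.1" 200 512',
    '198.51.100.7 - - [18/Mar/2025:10:01:09 +0000] "GET /front/inventory.php?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9812',
    '198.51.100.7 - - [18/Mar/2025:10:01:15 +0000] "GET /front/inventory.php?id=0%20OR%201%3D1-- HTTP/1.1" 500 0',
    '10.0.0.9 - admin [18/Mar/2025:10:02:00 +0000] "GET /front/search.php?q=select%20and%20or HTTP/1.1" 200 300',
]
```

Unauthenticated hits against the inventory endpoint are the ones that match this CVE's exposure; the same scan pointed at other paths with an authenticated user is lower priority but still worth review.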

Monitoring Recommendations

Ensure consistent logging of all database interactions. Implement real-time monitoring solutions that flag suspicious queries and user access.

How to Mitigate CVE-2025-24799

Immediate Actions Required

  • Apply the security update for GLPI version 10.0.18 immediately.
  • Implement Web Application Firewall (WAF) rules to block SQL injection patterns.
  • Audit and sanitize input fields, especially on the inventory endpoints.

Patch Information

The vulnerability is fixed in GLPI version 10.0.18. Users should update to this version or later to secure their systems.

Workarounds

Employ input validation and parameterized queries to prevent injection of malicious SQL commands.

```php
<?php
// Example mitigation: bind the value as a query parameter instead of escaping it into
// the SQL string (the original sketch relied on mysql_real_escape_string, removed in PHP 7).
function find_user_by_id(PDO $db, string $id): array
{
    $stmt = $db->prepare('SELECT * FROM users WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
```

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
