CVE-2025-48949 Overview
CVE-2025-48949 is a SQL injection vulnerability in Navidrome, an open source web-based music collection server and streamer. The flaw is missing validation of the role parameter accepted by the /api/artist endpoint: the value is formatted straight into a SQL expression, so an attacker can inject arbitrary SQL into the artist query and read data from the backing database, including user records.
Critical Impact
This SQL injection allows unauthenticated remote attackers to execute arbitrary SQL against Navidrome's embedded SQLite database through the artist listing query, potentially exposing user records and other stored data.
Affected Products
- Navidrome versions 0.55.0 through 0.55.2
- Self-hosted Navidrome instances running vulnerable versions
- Docker deployments using affected Navidrome container images
Discovery Timeline
- 2025-05-30 - CVE-2025-48949 published to NVD
- 2025-08-26 - Last updated in NVD database
Technical Details for CVE-2025-48949
Vulnerability Analysis
This SQL injection vulnerability (CWE-89) resides in the artist repository of Navidrome's persistence layer. The roleFilter function in persistence/artist_repository.go builds a filter with fmt.Sprintf("stats ->> '$.%v'", role) and hands the result to squirrel as NotEq{expr: nil}, which renders as "<expr> IS NOT NULL". The caller-supplied role therefore lands inside a single-quoted JSON path literal in the WHERE clause of the artist query, with no type check and no comparison against the set of known roles.
The vulnerability is network-accessible and requires no authentication or user interaction to exploit. An attacker sends a request to /api/artist with a role value containing a single quote, which terminates the JSON path literal; everything after it is parsed as SQL, so the attacker can rewrite the rest of the WHERE clause, UNION in rows from other tables such as user, or probe the database with boolean conditions. Because Navidrome stores everything in one SQLite file, this exposes user credentials and any other data the application keeps, and may allow manipulation of stored data depending on what the driver executes.
Root Cause
The root cause is insufficient input validation in the roleFilter function within persistence/artist_repository.go. The function accepts the role parameter as an untyped value and incorporates it into the query through string formatting, without checking that it is a string or that it names one of the roles Navidrome actually tracks. The original fmt.Sprintf("stats ->> '$.%v'", role) expression places the value inside the quoted JSON path '$.<role>', so a single quote in the input closes the literal and turns the remainder of the value into SQL syntax.
Attack Vector
The attack is conducted over the network by sending HTTP requests to the /api/artist endpoint with a crafted role query parameter. Since the parameter is not checked against an allow-list of role names, an attacker can inject SQL syntax that changes the query's behaviour. Payloads arrive URL-encoded (a single quote as %27), so any filtering in front of Navidrome has to decode the value before inspecting it. The network-based attack vector and the absence of an authentication requirement make this vulnerability particularly dangerous for internet-exposed Navidrome instances.
// Vulnerable code (before patch) in persistence/artist_repository.go
// squirrel renders NotEq{expr: nil} as "<expr> IS NOT NULL", so the caller-supplied
// role is formatted straight into the single-quoted JSON path literal.
func roleFilter(_ string, role any) Sqlizer {
	return NotEq{fmt.Sprintf("stats ->> '$.%v'", role): nil}
}

// Patched code - validates role against allowed values
func roleFilter(_ string, role any) Sqlizer {
	// Only a string that is a known role (a key of model.AllRoles) reaches the format call.
	if role, ok := role.(string); ok {
		if _, ok := model.AllRoles[role]; ok {
			return NotEq{fmt.Sprintf("stats ->> '$.%v'", role): nil}
		}
	}
	// Anything else becomes the condition "1 = 2", which matches no rows.
	return Eq{"1": 2}
}
Source: GitHub Commit Details
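The following is an added example, not code from Navidrome or from the advisory. It reproduces the vulnerable and patched roleFilter logic in Python against an in-memory SQLite database so the effect of the missing allow-list can be seen end to end: the same injected role value pulls rows out of the user table through the vulnerable filter and returns nothing through the patched one. The table layout, the sample rows and the ALL_ROLES set are constructed for the example (ALL_ROLES is an assumed subset standing in for model.AllRoles), and json_extract() is used as a portable equivalent of the ->> operator in the original Go code.

```python
import json
import sqlite3

# Abbreviated stand-in for Navidrome's model.AllRoles (assumed subset, not the real map).
ALL_ROLES = {"albumartist", "artist", "composer", "conductor", "lyricist", "producer", "performer"}


def vulnerable_role_filter(role) -> str:
    """Mirrors NotEq{fmt.Sprintf("stats ->> '$.%v'", role): nil}.

    squirrel renders NotEq{expr: nil} as "<expr> IS NOT NULL"; the role lands
    inside the single-quoted JSON path literal with no validation at all.
    """
    return f"json_extract(stats, '$.{role}') IS NOT NULL"


def patched_role_filter(role) -> str:
    """Mirrors the fixed roleFilter: type check, allow-list check, otherwise Eq{"1": 2}."""
    if isinstance(role, str) and role in ALL_ROLES:
        return f"json_extract(stats, '$.{role}') IS NOT NULL"
    return "1 = 2"  # squirrel renders Eq{"1": 2} as "1 = 2", which matches no rows


def build_db() -> sqlite3.Connection:
    """Constructed in-memory schema loosely modelled on Navidrome's artist and user tables."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE artist (id TEXT PRIMARY KEY, name TEXT, stats TEXT)")
    conn.execute("CREATE TABLE user (id TEXT PRIMARY KEY, user_name TEXT, password TEXT)")
    rows = [
        ("a1", "Ella", json.dumps({"albumartist": {"albums": 3}})),
        ("a2", "Miles", json.dumps({"composer": {"albums": 1}})),
    ]
    conn.executemany("INSERT INTO artist VALUES (?, ?, ?)", rows)
    conn.execute("INSERT INTO user VALUES ('u1', 'admin', 's3cret')")
    return conn


def list_artists(conn: sqlite3.Connection, role_filter, role) -> list:
    """The artist listing query with the role filter spliced into WHERE, as the repository does."""
    sql = f"SELECT name FROM artist WHERE {role_filter(role)}"
    return [r[0] for r in conn.execute(sql)]


# Closes the JSON path literal, turns the trailing "IS NOT NULL" into a comment,
# and UNIONs the user table into the artist result set.
INJECTED_ROLE = "x') IS NULL UNION SELECT user_name || ':' || password FROM user --"


if __name__ == "__main__":
    db = build_db()
    print(list_artists(db, vulnerable_role_filter, "albumartist"))  # ['Ella']
    print(list_artists(db, vulnerable_role_filter, INJECTED_ROLE))  # both artists plus 'admin:s3cret'
    print(list_artists(db, patched_role_filter, INJECTED_ROLE))     # []
```

The patched filter does not escape the value; it refuses anything that is not one of a fixed set of identifiers, which is the right shape for a value that ends up inside a column expression, where bind parameters cannot be used.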
Detection Methods for CVE-2025-48949
Indicators of Compromise
- Requests to /api/artist whose role parameter is not one of Navidrome's role names, in particular values containing a single quote (%27 when URL-encoded), comment sequences (-- or /*) or keywords such as UNION or SELECT; the single quote is the character that breaks out of the JSON path literal
- Navidrome log entries reporting SQL syntax errors or unexpected query shapes, which a probing attacker produces before landing a working payload
- Bursts of /api/artist requests from one client with varying role values, the pattern of boolean- or error-based extraction
- Unexpected reads of the user table visible in trace-level SQL logging; SQLite is embedded, so there is no separate database audit log to consult
Detection Strategies
- Put a reverse proxy or WAF in front of Navidrome and flag /api/artist requests whose decoded role value is outside the known role list; an allow-list check catches encoded and obfuscated payloads that a keyword blocklist misses
- Scan proxy access logs and Navidrome's own request logging for role values containing SQL metacharacters, decoding percent-encoding (including double encoding) before matching
- Run Navidrome at trace log level during an investigation to capture the SQL it executes, and look for statements touching tables other than artist in the artist listing query
- Correlate HTTP 500 responses from /api/artist with the preceding request parameters; failed injection attempts typically surface as server errors
Monitoring Recommendations
- Raise Navidrome's log level (ND_LOGLEVEL=debug or trace) or, more reliably, keep the reverse proxy access log so every request line including query parameters is retained
- Alert on HTTP requests to /api/artist whose role value is abnormally long or contains quotes, comment markers or SQL keywords
- Monitor the Navidrome process for unusual CPU or disk activity, since the SQLite database is embedded and there is no separate database server to monitor
- Review access logs regularly for patterns indicating automated SQL injection scanning tools (many requests with systematically varied role values from one source)
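The scanner below is an added example written for this page, not a Navidrome component. It applies the detection approach described in the three lists above to a few constructed reverse-proxy access-log lines (nginx "combined" format, assumed to be what sits in front of Navidrome): it isolates requests to /api/artist, decodes the role parameter repeatedly so double-encoded payloads are not missed, and flags any value outside an assumed role allow-list, distinguishing values that carry SQL metacharacters from merely unknown names. The log lines and the ALL_ROLES set are constructed for the example.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Abbreviated stand-in for Navidrome's model.AllRoles (assumed subset, not the real map).
ALL_ROLES = {"albumartist", "artist", "composer", "conductor", "lyricist", "producer", "performer"}

# Constructed reverse-proxy access-log lines (nginx "combined" format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [30/May/2025:10:00:01 +0000] "GET /api/artist?_start=0&_end=15&role=albumartist HTTP/1.1" 200 1523 "-" "Mozilla/5.0"
203.0.113.7 - - [30/May/2025:10:00:02 +0000] "GET /api/album?_start=0&_end=15 HTTP/1.1" 200 9211 "-" "Mozilla/5.0"
198.51.100.23 - - [30/May/2025:10:00:05 +0000] "GET /api/artist?role=x%27%29%20IS%20NULL%20UNION%20SELECT%20user_name%20FROM%20user%20-- HTTP/1.1" 200 412 "-" "python-requests/2.32"
198.51.100.23 - - [30/May/2025:10:00:06 +0000] "GET /api/artist?role=x%2527%29%20OR%201%3D1-- HTTP/1.1" 500 88 "-" "python-requests/2.32"
198.51.100.23 - - [30/May/2025:10:00:07 +0000] "GET /api/artist?role=bogusrole HTTP/1.1" 200 2 "-" "python-requests/2.32"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)
# Characters and keywords that have no business in a role name. Used only to
# classify findings; the allow-list, not this pattern, decides what is flagged.
SQL_META = re.compile(r"""['";]|--|/\*|\b(?:union|select|or|and)\b""", re.IGNORECASE)


def fully_decode(value: str, rounds: int = 3) -> str:
    """Undo repeated percent-encoding so x%2527 is seen as x' rather than x%27."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_line(line: str):
    """Return a finding dict for a suspicious /api/artist request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    if url.path != "/api/artist":
        return None
    for raw in parse_qs(url.query).get("role", []):  # parse_qs does one decoding pass
        role = fully_decode(raw)
        if role in ALL_ROLES:
            continue
        reason = "sql-metacharacters" if SQL_META.search(role) else "not-in-allowlist"
        return {"ip": m["ip"], "time": m["ts"], "status": m["status"], "role": role, "reason": reason}
    return None


def scan(log_text: str) -> list:
    """Scan a whole access log and collect the findings in order of appearance."""
    return [f for f in (inspect_line(line) for line in log_text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Because the check is allow-list first, a new obfuscation trick does not create a blind spot: any role value that is not a known role name is reported, and the metacharacter pattern only decides how loudly.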
How to Mitigate CVE-2025-48949
Immediate Actions Required
- Upgrade Navidrome to version 0.56.0 or later immediately; it contains the security patch
- If immediate upgrade is not possible, restrict network access to Navidrome instances using firewall rules
- Review reverse-proxy and Navidrome request logs for /api/artist requests with unexpected role values from before the upgrade
- If exploitation is suspected, reset Navidrome user passwords and re-link any scrobbler accounts (Last.fm, ListenBrainz) whose tokens Navidrome stores in its database; Navidrome uses an embedded SQLite file, so there are no separate database credentials to rotate
Patch Information
The vulnerability has been addressed in Navidrome version 0.56.0. The fix implements proper input validation by checking if the role parameter is a string type and validating it against a predefined whitelist of allowed roles (model.AllRoles). If the input fails validation, a safe fallback query condition (Eq{"1": 2}) is returned instead, effectively neutralizing any injection attempt.
Patch details are available in the GitHub Security Advisory GHSA-5wgp-vjxm-3x2r and the commit b19d5f0d3e079639904cac95735228f445c798b6.
Workarounds
- Place Navidrome behind a reverse proxy with request filtering and reject /api/artist requests whose decoded role value is not one of the known role names
- Restrict access to the Navidrome API to trusted networks only using firewall rules or VPN requirements
- Where a WAF is used, block rather than rewrite offending requests; an allow-list on the role value is more reliable than a blocklist of SQL keywords, which encoded payloads can slip past
- Disable public internet access to vulnerable Navidrome instances until patching is complete
# Example: block direct internet access to Navidrome using iptables
# Navidrome listens on TCP 4533 by default; adjust the LAN range to your network.
# Rules are inserted at the top of INPUT so they take effect before any broader ACCEPT rule.
iptables -I INPUT 1 -i lo -p tcp --dport 4533 -j ACCEPT              # local reverse proxy on the same host
iptables -I INPUT 2 -p tcp --dport 4533 -s 192.168.0.0/24 -j ACCEPT  # trusted LAN only
iptables -I INPUT 3 -p tcp --dport 4533 -j DROP                      # everyone else
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

