Cyber Resilience

CVE-2025-1224

MediumPublic PoC

Published: 12 February 2025

Published
12 February 2025
Modified
26 August 2025
KEV Added
Patch
CVSS Score v4 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0011 29.1th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-1224 is a medium-severity Injection (CWE-74) vulnerability in R1Bbit Yimioa. Its CVSS base score is 5.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 29.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-1224 is a SQL injection vulnerability classified as critical in the ywoa application versions up to 2024.07.03. It affects the listNameBySql function within the file com/cloudweb/oa/mapper/xml/UserMapper.xml. The issue, tied to CWE-74 and CWE-89, allows manipulation leading to unauthorized SQL execution.

The vulnerability enables remote exploitation with low complexity (AV:N/AC:L) and requires low privileges (PR:L), without user interaction (UI:N) and with unchanged scope (S:U). A successful attack can result in low impacts to confidentiality, integrity, and availability (C:L/I:L/A:L), as scored at CVSS 6.3 (CVSS:3.1). An exploit has been publicly disclosed and may be actively used.

Advisories recommend upgrading to ywoa version 2024.07.04 to address the issue. Relevant details are available in references including Gitee issues at https://gitee.com/r1bbit/yimioa/issues/IBI731 and VulDB entries at https://vuldb.com/?ctiid.295210 and https://vuldb.com/?id.295210.

EU & UK References

Vulnerability details

A vulnerability classified as critical was found in ywoa up to 2024.07.03. This vulnerability affects the function listNameBySql of the file com/cloudweb/oa/mapper/xml/UserMapper.xml. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to…

more

the public and may be used. Upgrading to version 2024.07.04 is able to address this issue. It is recommended to upgrade the affected component.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1505 Server Software Component Persistence
Adversaries may abuse legitimate extensible development features of servers to establish persistent access to systems.
Why these techniques?

SQL injection vulnerability in public-facing OA web application's UserMapper.xml enables remote exploitation of public-facing application (T1190) and abuse of server software component for SQL command execution (T1505).

CVEs Like This One

CVE-2025-1227Same product: R1Bbit Yimioa
CVE-2025-1216Same product: R1Bbit Yimioa
CVE-2025-1226Same product: R1Bbit Yimioa
CVE-2025-25585Same product: R1Bbit Yimioa
CVE-2025-2675Shared CWE-74, CWE-89
CVE-2025-2382Shared CWE-74, CWE-89
CVE-2025-3039Shared CWE-74, CWE-89
CVE-2025-7167Shared CWE-74, CWE-89
CVE-2025-10090Shared CWE-74, CWE-89
CVE-2025-1843Shared CWE-74, CWE-89

Affected Assets

r1bbit
yimioa
≤ 2024-07-04

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prevents SQL injection attacks like CVE-2025-1224 by validating and sanitizing inputs to the vulnerable listNameBySql function before SQL query construction.

prevent

Mitigates the vulnerability by requiring timely flaw remediation through upgrading ywoa to the patched version 2024.07.04 as recommended.

prevent

Ensures the organization receives, disseminates, and acts on security advisories disclosing the SQL injection exploit and upgrade fix for CVE-2025-1224.

References