Cyber Resilience

CVE-2025-25206

Severity: High
Published: 14 February 2025
Modified: 18 August 2025
KEV Added: not listed
Patch: eLabFTW 5.1.15
CVSS v3.1 base score: 8.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L)
EPSS Score: 0.0032 (55.9th percentile)
Risk Priority: 17 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-25206 is a high-severity SQL Injection (CWE-89) vulnerability in eLabFTW (elabftw/elabftw), an open source electronic lab notebook. Its CVSS v3.1 base score is 8.3 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its EPSS score places it in the top 44.1% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-25206 is a SQL injection vulnerability (CWE-89) caused by incorrect input validation in eLabFTW, an open source electronic lab notebook used in research labs. In versions prior to 5.1.15, the flaw allows an authenticated user to read sensitive information stored in the database, such as login tokens and other confidential content.

An authenticated user with low privileges can exploit this vulnerability remotely over the network with low attack complexity and no user interaction, as reflected in the CVSS v3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L, base score 8.3). Successful exploitation discloses sensitive data; since the readable content includes login tokens, this can lead to privilege escalation if cookies are enabled, which is the default setting.

The eLabFTW release notes and GitHub security advisory recommend upgrading to version 5.1.15, which addresses the issue through corrected input validation. No workarounds are available. Relevant resources include the release page at https://github.com/elabftw/elabftw/releases/tag/5.1.15 and the advisory at https://github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77gg.
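The fault class described above, as an added example that is not eLabFTW's code: the page does not show the vulnerable query, so the schema, table names, search function and sort-column input below are constructed for the demonstration and are assumptions. A lookup that interpolates a user-supplied search string into SQL is shown beside the same lookup with a bound parameter, and a column-name input, which cannot be bound, is checked against an allowlist in the spirit of SI-10 (Information Input Validation). The constructed payload shows how a low-privilege user could pull other users' login tokens into the result set of a query they are allowed to run.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: a users table holding persistent login tokens
    (the kind of secret the advisory says could be read) and an experiments
    table a low-privilege user is allowed to search. Not eLabFTW's schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (userid INTEGER PRIMARY KEY, email TEXT, token TEXT);
        INSERT INTO users VALUES (1, 'admin@lab.example', 'tok-admin-3f9c');
        INSERT INTO users VALUES (2, 'alice@lab.example', 'tok-alice-77a0');
        CREATE TABLE experiments (id INTEGER PRIMARY KEY, userid INTEGER, title TEXT);
        INSERT INTO experiments VALUES (10, 2, 'PCR run 12');
        INSERT INTO experiments VALUES (11, 2, 'Gel electrophoresis');
    """)
    return conn


def search_titles_vulnerable(conn, userid, needle):
    """CWE-89: the search string is spliced into the SQL text, so a quote in
    it changes the statement's structure instead of being treated as data."""
    sql = (f"SELECT title FROM experiments WHERE userid = {int(userid)} "
           f"AND title LIKE '%{needle}%'")
    return [row[0] for row in conn.execute(sql)]


def search_titles_fixed(conn, userid, needle):
    """Same lookup with the SQL text held constant and the user value bound as
    a parameter; the driver never lets the value alter the statement."""
    sql = ("SELECT title FROM experiments WHERE userid = ? "
           "AND title LIKE '%' || ? || '%'")
    return [row[0] for row in conn.execute(sql, (userid, needle))]


# Identifiers (column or table names) cannot be bound as parameters, so
# SI-10-style validation against an allowlist is the control for those inputs.
ALLOWED_SORT_COLUMNS = frozenset({"id", "title"})


def list_titles_sorted(conn, userid, sort_col):
    """Rejects any sort column that is not on the allowlist before it is
    spliced into the ORDER BY clause; the row filter is still parameterised."""
    if sort_col not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"unexpected sort column: {sort_col!r}")
    sql = f"SELECT title FROM experiments WHERE userid = ? ORDER BY {sort_col}"
    return [row[0] for row in conn.execute(sql, (userid,))]


# Constructed payload a low-privilege user might submit as the search string:
# it closes the LIKE pattern, UNIONs the token column onto the result set and
# comments out the remainder of the original statement.
UNION_PAYLOAD = "' UNION SELECT token FROM users --"


if __name__ == "__main__":
    db = make_db()
    # The vulnerable version returns every user's token alongside the titles;
    # the fixed version matches nothing because the payload is just a string.
    print("vulnerable:", search_titles_vulnerable(db, 2, UNION_PAYLOAD))
    print("fixed:     ", search_titles_fixed(db, 2, UNION_PAYLOAD))
    print("sorted:    ", list_titles_sorted(db, 2, "title"))
```

The point of the third function is that binding parameters alone does not cover every input: where an application builds identifiers into a statement, the only defence is strict validation of that input before it reaches the query, which is what SI-10 asks for.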

Vulnerability details

eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read sensitive information, including login token or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available.

CWE(s)

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1068 Exploitation for Privilege Escalation (Privilege Escalation): Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
T1552 Unsecured Credentials (Credential Access): Adversaries may search compromised systems to find and obtain insecurely stored credentials.
Why these techniques?

SQL injection in the web application lets authenticated low-privilege users read database contents including login tokens, which maps to exploitation of a public-facing application (T1190), privilege escalation (T1068), and access to unsecured credentials (T1552).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-29206 (shared CWE-89)
CVE-2026-6476 (shared CWE-89)
CVE-2026-27470 (shared CWE-89)
CVE-2020-37053 (shared CWE-89)
CVE-2025-24669 (shared CWE-89)
CVE-2026-2751 (shared CWE-89)
CVE-2026-24908 (shared CWE-89)
CVE-2026-33539 (shared CWE-89)
CVE-2025-26200 (shared CWE-89)
CVE-2026-30711 (shared CWE-89)

Affected Assets

elabftw/elabftw, versions prior to 5.1.15 (fixed in 5.1.15)

Mitigating Controls (NIST 800-53 r5, AI-generated mapping)

SI-10 Information Input Validation (prevent): Directly addresses the SQL injection (CWE-89) by requiring validation of all system inputs, preventing unauthorized database access and disclosure of sensitive data.

SI-2 Flaw Remediation (prevent): Mandates timely identification, reporting, and remediation of software flaws such as this one, which here means applying the vendor's fix, version 5.1.15.

Access enforcement (prevent): Enforces approved access control policies to limit unauthorized reading of sensitive information such as login tokens, reducing the privilege escalation risk that follows from the flawed input handling.

References

https://github.com/elabftw/elabftw/releases/tag/5.1.15
https://github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77gg