Cyber Resilience

CVE-2025-7212

Severity: Low · Public PoC

Published: 09 July 2025
Modified: 29 April 2026
KEV Added: not listed
Patch: none referenced
CVSS Score v4: 2.1 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0020 (41.7th percentile)
Risk Priority: 4 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-7212 is a low-severity Injection (CWE-74) vulnerability in Angeljudesuarez Insurance Management System. Its CVSS base score is 2.1 (Low).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). By EPSS, the vulnerability ranks at the 41.7th percentile for exploit likelihood, below the median. It is not currently listed in the CISA KEV catalog, but a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-6 (Least Privilege).

Deeper analysis

CVE-2025-7212 is a SQL injection vulnerability affecting the itsourcecode Insurance Management System up to version 1.0. The flaw exists in the processing of the file /insertAgent.php, where manipulation of the agent_id argument enables SQL code injection. Rated as critical with a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L), it is associated with CWE-74 and CWE-89.

The vulnerability can be exploited remotely by an attacker with low privileges (PR:L), requiring low attack complexity and no user interaction. Successful exploitation grants limited impacts on confidentiality, integrity, and availability, potentially allowing unauthorized data access, modification, or disruption within the affected application's database.

Advisories referenced in VulDB entries (ctiid.315161, id.315161, submit.607909) document the issue, and a GitHub issue (wishoper/CVE/issues/3) discloses the exploit publicly. The vendor site (itsourcecode.com) is listed, but no specific patches or mitigation steps are detailed in the available information.

Vulnerability details

A vulnerability was found in itsourcecode Insurance Management System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertAgent.php. The manipulation of the argument agent_id leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CWE(s): CWE-74 (Injection), CWE-89 (SQL Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SQL injection in public-facing PHP web app (/insertAgent.php) directly enables remote exploitation for initial access.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-3150 (same vendor: Angeljudesuarez)
CVE-2026-1594 (same vendor: Angeljudesuarez)
CVE-2026-1119 (same vendor: Angeljudesuarez)
CVE-2026-2116 (same vendor: Angeljudesuarez)
CVE-2026-3740 (same vendor: Angeljudesuarez)
CVE-2026-0582 (same vendor: Angeljudesuarez)
CVE-2026-1593 (same vendor: Angeljudesuarez)
CVE-2026-3152 (same vendor: Angeljudesuarez)
CVE-2026-2115 (same vendor: Angeljudesuarez)
CVE-2026-3765 (same vendor: Angeljudesuarez)

Affected Assets

angeljudesuarez insurance management system, version ≤ 1.0

Mitigating Controls (NIST 800-53 r5, AI)

prevent · SI-10 (Information Input Validation)
Directly requires validation and sanitization of untrusted inputs such as the agent_id parameter before it reaches SQL statements in insertAgent.php.

prevent · AC-6 (Least Privilege)
Limits the database privileges available to the low-privileged account used in the attack, reducing the scope of data exposure or modification possible via the injected SQL.

detect
Enables monitoring and alerting on anomalous database queries or error patterns that would indicate attempted SQL injection against insertAgent.php.
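To make the SI-10 and AC-6 controls concrete, here is an added illustration (not the Insurance Management System's actual insertAgent.php source, which this page does not reproduce): a hypothetical handler that splices the raw agent_id parameter into an INSERT, beside a hardened version that validates the parameter, binds it through a prepared statement, and connects with a restricted database account. The agents table, its agent_id column, and the ims_app account are assumptions.

```php
<?php
// Added illustration of CWE-89 and its fix; hypothetical code, not the
// project's insertAgent.php. Table/column names and the DB account are assumed.

// Vulnerable pattern: the request parameter is spliced straight into SQL,
// so any quote or operator inside agent_id becomes part of the query text.
function insertAgentVulnerable(PDO $db, array $request): void
{
    $agentId = $request['agent_id'];
    $db->exec("INSERT INTO agents (agent_id) VALUES ('" . $agentId . "')");
}

// Hardened pattern: validate type and range first (SI-10), then bind the
// value as a parameter so the driver never treats it as SQL (CWE-89 fix).
function insertAgentHardened(PDO $db, array $request): void
{
    $agentId = filter_var(
        $request['agent_id'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($agentId === false) {
        http_response_code(400);
        exit('invalid agent_id');
    }
    $stmt = $db->prepare('INSERT INTO agents (agent_id) VALUES (:agent_id)');
    $stmt->bindValue(':agent_id', $agentId, PDO::PARAM_INT);
    $stmt->execute();
}

// AC-6: connect as an account granted only what this script needs (INSERT on
// the agents table), not a database superuser. Emulated prepares are disabled
// so parameter values travel to the server separately from the statement text.
$db = new PDO(
    'mysql:host=localhost;dbname=ims;charset=utf8mb4',
    'ims_app',                              // assumed least-privilege account
    getenv('IMS_DB_PASSWORD') ?: null,      // password kept out of source
    [
        PDO::ATTR_EMULATE_PREPARES => false,
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    ]
);
insertAgentHardened($db, $_POST);
```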
