Description

An SQL injection vulnerability in Yoosee application v6.32.4 allows authenticated users to inject arbitrary SQL queries via a request to a backend API endpoint. Successful exploitation enables extraction of sensitive database information, including but not limited to, the database server banner and version, current database user and schema, the current DBMS user privileges, and arbitrary data from any table.

INFO

Published Date :

2025-08-22T00:00:00.000Z

Last Modified :

2025-08-26T14:07:31.385Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-52085 vulnerability.

Vendors Products
Yoosee
  • Yoosee
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-52085.

URL Resource
https://medium.com/@pundhapat/sqli-in-the-cloud-root-on-the-board-a-beginners-journey-into-iot-hacking-06efb2539a21 cve-icon cve-icon
https://yoosee.app cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact