CVE-2025-55703_CVE-2025-55703

2.5 / 10

LOW

CVSS:3.1/AC:H/AV:L/A:N/C:L/I:N/PR:L/S:C/UI:R

Description

An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The vulnerability is due to an outdated API endpoint that applied arrays without proper input validation. This can allow attackers to manipulate SQL queries. This has been addressed in Power IQ version 9.2.1, where the API call code was updated to ensure safe handling of input values.

Basic Information

ID CVE-2025-55703

Source mitre

Published Dec 15, 2025 at 00:00

Modified Dec 15, 2025 at 20:08

Affected Product

Vendor n/a

Product n/a

Version n/a

Affected Versions n/a n/a n/a

CWE Classification

CWE-89

References

{
    "lastseen": "",
    "description": "An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The vulnerability is due to an outdated API endpoint that applied arrays without proper input validation. This can allow attackers to manipulate SQL queries. This has been addressed in Power IQ version 9.2.1, where the API call code was updated to ensure safe handling of input values.",
    "published": "2025-12-15T00:00:00.000Z",
    "modified": "2025-12-15T20:08:08.419Z",
    "type": "cve",
    "title": "CVE-2025-55703",
    "source": "mitre",
    "references": "https://www.sunbirddcim.com/\nhttps://pastebin.com/C6hVPpF4",
    "id": "CVE-2025-55703",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 2.5,
        "severity": "LOW",
        "vector": "CVSS:3.1/AC:H/AV:L/A:N/C:L/I:N/PR:L/S:C/UI:R",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "n/a",
    "version": "n/a",
    "vendor": "n/a",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}