【Vulnerability Alert】ISOinsight of Chengbang Information has SQL Injection Vulnerability

• Subject Description: 【Vulnerability Alert】ISOinsight of Chengbang Information has SQL Injection Vulnerability
• Content Description:
  • Forwarded from Taiwan Computer Network Crisis Handling and Coordination Center TWCERTCC-200-202505-00000012
  • [Chengbang Information ISOinsight - SQL Injection] (CVE-2025-4559, CVSS: 9.8) ISOinsight of Chengbang Information has SQL Injection Vulnerability, unauthenticated remote attackers can inject arbitrary SQL commands to read, modify, and delete database content.
• Affected Platforms:
  • ISOinsight v2.9.0.x and v3.0.0.x
• Recommended Actions:
  • v2.9.0.x please update to version 2.9.0.250501 (inclusive) or later
  • v3.0.0.x please update to version 3.0.0.250501 (inclusive) or later
• Reference:
  • Chengbang Information ISOinsight - SQL Injection: https://www.twcert.org.tw/tw/cp-132-10116-784e0-1.html

Network System Division
Computer and Communication Center9