Date:2025/05/21
【Vulnerability Alert】ISOinsight of Chengbang Information has SQL Injection Vulnerability
- Subject Description: 【Vulnerability Alert】ISOinsight of Chengbang Information has SQL Injection Vulnerability
- Content Description:
- Forwarded from Taiwan Computer Network Crisis Handling and Coordination Center TWCERTCC-200-202505-00000012
- [Chengbang Information ISOinsight - SQL Injection] (CVE-2025-4559, CVSS: 9.8) ISOinsight of Chengbang Information has SQL Injection Vulnerability, unauthenticated remote attackers can inject arbitrary SQL commands to read, modify, and delete database content.
- Affected Platforms:
- ISOinsight v2.9.0.x and v3.0.0.x
- Recommended Actions:
- v2.9.0.x please update to version 2.9.0.250501 (inclusive) or later
- v3.0.0.x please update to version 3.0.0.250501 (inclusive) or later
- Reference:
- Chengbang Information ISOinsight - SQL Injection: https://www.twcert.org.tw/tw/cp-132-10116-784e0-1.html
Network System Division
Computer and Communication Center9
