CVE-2025-55703 in Power IQinformazioni

Riassunto

di MITRE • 15/12/2025

An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The vulnerability is due to an outdated API endpoint that applied arrays without proper input validation. This can allow attackers to manipulate SQL queries. This has been addressed in Power IQ version 9.2.1, where the API call code was updated to ensure safe handling of input values.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsabile

MITRE

Prenotare

13/08/2025

Divulgazione

15/12/2025

Moderazione

accettato

CPE

pronto

EPSS

0.00117

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!