Overview
Bacula-web is a web-based reporting and monitoring front end for the Bacula backup system. Versions prior to 9.7.1 are affected by CVE-2025-45346, an SQL injection flaw reachable through a specially crafted HTTP GET request. No credentials or user interaction are required, so anyone who can reach the web interface can attempt it. The advisory describes the outcome as arbitrary code execution; in practice an SQL injection first gives the attacker control over the queries the application sends to its database, and how far that reaches (data disclosure, data tampering, or execution on the host) depends on the privileges of the database account and on what the database server lets that account do. Left unpatched, it can lead to full compromise of the host and leakage of the backup catalog data the application serves.
Vulnerability Summary
CVE ID: CVE-2025-45346
Severity: High (CVSS 8.1)
Attack Vector: Network
Privileges Required: None
User Interaction: None
Impact: Potential system compromise and data leakage
Affected Products
Product | Affected Versions | Fixed In
Bacula-web | Before 9.7.1 | 9.7.1
How the Exploit Works
The vulnerable code builds a database query by concatenating the value of an HTTP GET parameter into the SQL text instead of binding it as a parameter. A value containing a single quote therefore closes the string literal the application opened around it, and everything after the quote is parsed as SQL. A remote attacker can use this to alter the query the application runs against its database and so read, modify or delete data that the application's database account can reach. Because the request needs no session, the only precondition is network access to the web interface.
Conceptual Example Code
A conceptual representation of the request (the endpoint and parameter names are placeholders, not Bacula-web's real routes):

GET /vulnerable/endpoint?param=value' OR '1'='1'; -- HTTP/1.1
Host: target.example.com

Here the attacker appends `' OR '1'='1'; --` to the value of `param`. The leading quote closes the string literal the application opened around the value, `OR '1'='1'` makes the WHERE clause true for every row, and `--` comments out the rest of the original query. On the wire the quotes and spaces would be percent-encoded (`value%27%20OR%20%271%27%3D%271%27%3B%20--`); the decoded form is shown for readability. A filter that should return one record now returns all of them, which is enough to retrieve data the requester should not see or, where the injected query backs an access check, to bypass it.
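The following is an added example, not code from Bacula-web or from the advisory: a stand-alone Python/sqlite3 model of the query-building mistake behind a GET-parameter SQL injection, next to the parameterised form that fixes it. Bacula-web itself is written in PHP; the `/jobs` route, the `client` parameter and the `job` table here are constructed for the example and are not the project's real routes or schema.

```python
"""Added example (not Bacula-web's code): the vulnerable query-building pattern
behind a GET-parameter SQL injection, next to its parameterised fix.

Bacula-web is written in PHP; this is a stand-alone Python/sqlite3 model of the
same mechanics. The /jobs route, the 'client' parameter and the job table are
constructed for the example and are not Bacula-web's real schema or routes.
"""
import sqlite3
from urllib.parse import parse_qs, quote, urlsplit

# Constructed sample data standing in for the reporting table the UI filters.
SAMPLE_ROWS = [
    (1, "client-a", "OK"),
    (2, "client-b", "OK"),
    (3, "client-c", "Error"),
]

# The payload from the conceptual request above, and the same request line as
# it would actually appear on the wire (quotes and spaces percent-encoded).
INJECTED_PARAM = "value' OR '1'='1'; --"
ATTACK_REQUEST_LINE = "GET /jobs?client=" + quote(INJECTED_PARAM, safe="") + " HTTP/1.1"


def make_db():
    """Fresh in-memory database seeded with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE job (jobid INTEGER, client TEXT, status TEXT)")
    conn.executemany("INSERT INTO job VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


def get_param(request_line, name):
    """Extract and URL-decode one query-string parameter from a request line
    such as 'GET /jobs?client=client-a HTTP/1.1' (missing -> empty string)."""
    _method, target, _version = request_line.split(" ", 2)
    query = urlsplit(target).query
    return parse_qs(query, keep_blank_values=True).get(name, [""])[0]


def vulnerable_lookup(conn, client):
    """Vulnerable pattern: the decoded parameter is spliced into the SQL text,
    so a quote in it ends the literal and the remainder is parsed as SQL."""
    sql = "SELECT jobid, client, status FROM job WHERE client = '" + client + "'"
    return conn.execute(sql).fetchall()


def hardened_lookup(conn, client):
    """Hardened pattern: the value travels as a bound parameter and is only
    ever compared as data, never parsed as SQL."""
    sql = "SELECT jobid, client, status FROM job WHERE client = ?"
    return conn.execute(sql, (client,)).fetchall()


def run_demo(request_line=ATTACK_REQUEST_LINE):
    """Run the same request through both lookups and report the row counts."""
    conn = make_db()
    client = get_param(request_line, "client")
    return {
        "vulnerable_rows": len(vulnerable_lookup(conn, client)),
        "hardened_rows": len(hardened_lookup(conn, client)),
    }


if __name__ == "__main__":
    print(ATTACK_REQUEST_LINE)
    # The injected filter matches every row only in the vulnerable path.
    print(run_demo())
    print(run_demo("GET /jobs?client=client-a HTTP/1.1"))
```

Run it and compare the two counts: the concatenated query returns every row for the injected value, while the parameterised query returns none, because no client is literally named `value' OR '1'='1'; --`. The difference is the whole fix; the hardened path never has to decide which characters are "dangerous".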
Mitigation
The fix is to upgrade to Bacula-web 9.7.1 or later, where the vendor addressed the flaw. If the upgrade must be delayed, reduce exposure in the meantime: restrict network access to the web interface (VPN or source-address allowlist), since the attack is unauthenticated and network-reachable; put a Web Application Firewall in front of it to block the obvious quote-and-keyword payloads, bearing in mind that WAF rules can be bypassed and that an IDS only alerts, it does not block; and review the web server's access logs for quote characters and SQL comment tokens in query strings. Also check the database account Bacula-web connects with: it should have only the read access it needs on the catalog, and the database server should not grant that account file-writing or command-execution features, because those are what turn an injection into host compromise. Input validation and prepared statements for every query are developer-side fixes that the patched release applies; they are not something an operator can add from outside.
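As an added example of the log review suggested above (not code from Bacula-web or any vendor), the following Python script scans web server access logs in the common combined format, URL-decodes each request's query string and flags the quote-plus-keyword and comment-token shapes typical of SQL injection attempts. The log lines are constructed for the example and the `/jobs?client=` route is a placeholder, not a real Bacula-web endpoint; the pattern is a signature, not a parser, and will miss double-encoded or otherwise obfuscated payloads.

```python
"""Added example (not Bacula-web's or any vendor's code): flagging SQL-injection
attempts against a web application in its access logs, as a stop-gap while
the patch is rolled out.

The log lines are constructed for the example and the /jobs?client= route is a
placeholder, not a real Bacula-web endpoint. The pattern is a signature, not a
parser: it catches the common quote-plus-keyword and comment-token shapes and
will miss double-encoded or otherwise obfuscated payloads.
"""
import re
from urllib.parse import unquote_plus, urlsplit

# Apache/nginx combined log format:
# host ident user [time] "METHOD target PROTO" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Decoded query-string shapes worth alerting on: a quote closely followed by a
# boolean or UNION/SELECT keyword, an SQL comment token, or a stacked DML
# statement after a semicolon.
SQLI_RE = re.compile(
    r"""['"`].{0,10}\b(?:or|and|union|select|sleep)\b"""
    r"""|--|/\*"""
    r"""|;\s*(?:drop|insert|update|delete)\b""",
    re.IGNORECASE,
)

# Constructed sample log: two benign requests and two injection attempts.
SAMPLE_LOG = """\
203.0.113.7 - - [10/May/2025:12:01:03 +0000] "GET /jobs?client=client-a HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/May/2025:12:01:09 +0000] "GET /jobs?client=value%27%20OR%20%271%27%3D%271%27%3B%20-- HTTP/1.1" 200 48211 "-" "Mozilla/5.0"
198.51.100.4 - - [10/May/2025:12:02:41 +0000] "GET /jobs?client=client-b&period=7 HTTP/1.1" 200 4980 "-" "curl/8.4.0"
198.51.100.4 - - [10/May/2025:12:02:45 +0000] "GET /jobs?client=x%27%20UNION%20SELECT%20null,null,null-- HTTP/1.1" 500 312 "-" "curl/8.4.0"
"""


def parse_line(line):
    """Parse one combined-format line; returns a dict with the URL-decoded
    query string under 'query', or None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    # Decode before matching so %27 / %20 cannot hide the payload from the signature.
    rec["query"] = unquote_plus(urlsplit(rec["target"]).query)
    return rec


def find_sqli(log_text):
    """Return (host, time, decoded_query, matched_fragment) for each request
    whose decoded query string trips the signature."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        m = SQLI_RE.search(rec["query"])
        if m:
            hits.append((rec["host"], rec["time"], rec["query"], m.group(0)))
    return hits


if __name__ == "__main__":
    for host, when, query, frag in find_sqli(SAMPLE_LOG):
        print(f"{when} {host} matched {frag!r} in {query!r}")
```

Note that the second attempt returned HTTP 200 with a much larger response than the benign request before it, which is the kind of size anomaly worth correlating with the signature hit: a filter that suddenly returns every row is exactly what a successful `OR '1'='1'` injection looks like from the web server's side.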
Remember, the digital landscape is constantly changing and so are the threats that come with it. Stay vigilant and keep your systems updated to protect your data and maintain the integrity of your systems.
