{"id":31819,"date":"2025-04-26T08:27:20","date_gmt":"2025-04-26T08:27:20","guid":{"rendered":""},"modified":"2025-09-10T18:12:47","modified_gmt":"2025-09-11T00:12:47","slug":"cve-2025-30032-sql-injection-vulnerability-in-telecontrol-server-basic","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-30032-sql-injection-vulnerability-in-telecontrol-server-basic\/","title":{"rendered":"CVE-2025-30032: SQL Injection Vulnerability in TeleControl Server Basic<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

An alarming vulnerability has been identified in the TeleControl Server Basic, a widely used server system that is now at risk of SQL injection attacks. This flaw, tracked as CVE-2025-30032, primarily affects all versions of TeleControl Server Basic prior to V3.1.2.2.
\nThis vulnerability is critical<\/a> as it not only allows attackers to bypass the system’s authorization controls, but also permits them to read from and write to the application’s database, thereby potentially compromising system integrity or causing significant data leakage. The ramifications of such a breach can be far-reaching, especially considering the wide usage of TeleControl Server<\/a> Basic across various industries.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-30032
\nSeverity: High (8.8 CVSS Severity Score)
\nAttack Vector: Network
\nPrivileges Required: Low
\nUser Interaction: None
\nImpact: System compromise, Data leakage, Code execution<\/a><\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n