{"id":82219,"date":"2025-10-09T18:43:30","date_gmt":"2025-10-09T18:43:30","guid":{"rendered":""},"modified":"2025-10-28T11:37:22","modified_gmt":"2025-10-28T17:37:22","slug":"cve-2025-59742-critical-sql-injection-vulnerability-in-andsoft-s-e-tms-v25-03","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-59742-critical-sql-injection-vulnerability-in-andsoft-s-e-tms-v25-03\/","title":{"rendered":"CVE-2025-59742: Critical SQL Injection Vulnerability in AndSoft’s e-TMS v25.03<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The cybersecurity industry is on alert due to a newly discovered vulnerability, CVE-2025-59742, which is a serious SQL injection vulnerability in AndSoft’s e-TMS v25.03. This vulnerability, if exploited, could allow an attacker to manipulate databases by sending a malicious POST request. This potentially affects all organizations that use the mentioned software version for their transportation management systems<\/a>, presenting a significant risk to their data security.
\nThe impact of this vulnerability is substantial as it can lead to system<\/a> compromise and data leakage, which could disrupt business operations and damage the organization’s reputation. It is therefore critical for any organization using the affected software version to take immediate steps to mitigate this vulnerability<\/a>.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-59742
\nSeverity: Critical (9.8)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Potential system<\/a> compromise or data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n