CVE-2025-22371

Name of the Vulnerable Software and Affected Versions: SicommNet BASEC (SaaS Service) versions prior to the fixed version, which is not specified.

Description: The issue is related to an SQL Injection vulnerability in the login page of SicommNet BASEC, allowing an unauthenticated remote attacker to bypass authentication and execute arbitrary SQL commands. This vulnerability has been present in the solution at least since December 14, 2021, and likely before that.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.