PT-2025-30707 · LF Edge · eKuiper

Odaysec · Published 2025-07-24 · Updated 2025-10-10

CVE-2025-54379 · CVSS v3.1 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: LF Edge eKuiper versions prior to 2.2.1
Description: A critical SQL injection vulnerability exists in the getLast API functionality of the eKuiper project. The flaw allows unauthenticated remote attackers to execute arbitrary SQL statements against the underlying SQLite database by manipulating the table name supplied in an API request. Exploitation can lead to data theft, corruption or deletion, and full compromise of the database. The root cause is the use of unsanitized, user-controlled input when building SQL queries with fmt.Sprintf, with no validation of the table parameter; a crafted request to the /sql-query API endpoint with a malicious table parameter is enough to inject SQL commands.
Recommendations: Installations of LF Edge eKuiper prior to 2.2.1 should be updated to version 2.2.1.
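The description above comes down to one pattern: a table name taken from the request is formatted into the statement with fmt.Sprintf. The Go example below is added here to illustrate that pattern and its fix; it is not eKuiper's own code, and the function names, the query shape, the constructed attacker payload and the optional allowlist argument are all assumptions. The point a practitioner should take from it is that a table name is an identifier, not a value, so it cannot be bound as a placeholder; the defence is to validate it (allowlist or strict identifier pattern) and quote it before it reaches the statement.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// Constructed attacker input: a table "name" carrying a UNION that reads the
// schema out of sqlite_master. Any other SQL (for example a stacked DROP TABLE,
// where the driver allows multiple statements) could be substituted.
const injectedTable = "sensor UNION SELECT name, sql, NULL FROM sqlite_master --"

// buildGetLastQueryVulnerable reproduces the vulnerable pattern: the
// caller-controlled table name is dropped straight into the statement with
// fmt.Sprintf, so any SQL it carries becomes part of the query.
// (Assumed query shape; this is not eKuiper's own code.)
func buildGetLastQueryVulnerable(table string) string {
	return fmt.Sprintf("SELECT * FROM %s ORDER BY rowid DESC LIMIT 1", table)
}

// ErrBadTable is returned for any table name that fails validation.
var ErrBadTable = errors.New("invalid table name")

// identRe accepts only a conservative identifier: a letter or underscore
// followed by letters, digits or underscores. Spaces, quotes, semicolons and
// comment markers cannot get through.
var identRe = regexp.MustCompile(`^[A-Za-z_][A-Za-z0-9_]*$`)

// quoteIdent wraps an identifier in double quotes and doubles any embedded
// quote, which is the SQL-standard identifier quoting SQLite understands.
func quoteIdent(s string) string {
	return `"` + strings.ReplaceAll(s, `"`, `""`) + `"`
}

// buildGetLastQuerySafe is the hardened form. Identifiers cannot be bound as
// placeholders (only values can), so the name is validated before it touches
// the statement: against an allowlist of known tables when one is supplied,
// otherwise against the strict identifier pattern, and then quoted.
// The allowlist argument is an assumption for this example.
func buildGetLastQuerySafe(table string, knownTables map[string]bool) (string, error) {
	if len(knownTables) > 0 {
		if !knownTables[table] {
			return "", ErrBadTable
		}
	} else if !identRe.MatchString(table) {
		return "", ErrBadTable
	}
	return fmt.Sprintf("SELECT * FROM %s ORDER BY rowid DESC LIMIT 1", quoteIdent(table)), nil
}

func main() {
	fmt.Println("vulnerable:", buildGetLastQueryVulnerable(injectedTable))
	if _, err := buildGetLastQuerySafe(injectedTable, nil); err != nil {
		fmt.Println("hardened:  ", err)
	}
	q, _ := buildGetLastQuerySafe("sensor", map[string]bool{"sensor": true})
	fmt.Println("hardened:  ", q)
}
```

Running it prints the vulnerable query with the UNION spliced in, then the rejection of the same input by the hardened builder, then the quoted query it produces for a legitimate name. Prefer the allowlist whenever the set of tables is known at request time; the identifier pattern is the fallback for dynamically created tables, and quoting after validation keeps a name that happens to be a keyword from breaking the statement.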

Weakness Enumeration

SQL injection (CWE-89)

Related Identifiers

CVE-2025-54379
GHSA-526J-MV3P-F4VV
GO-2025-3827
OPENSUSE-SU-2025:15405-1

Affected Products

eKuiper