PT-2025-45042 · Glpi+1 · Glpi Inventory Plugin+1
Published
2025-11-04
·
Updated
2025-12-03
·
CVE-2025-32786
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
GLPI Inventory Plugin versions 1.5.0 and below
Description
The GLPI Inventory Plugin, which manages network discovery, inventory, software deployment, and data collection for GLPI agents, contains a SQL Injection issue. The plugin is vulnerable when handling certain operations, potentially allowing an attacker to manipulate database queries.
Recommendations
Update to GLPI Inventory Plugin version 1.5.1 or later.
Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Glpi Inventory Plugin
Red Os