Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-46578

There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject commands and extract sensitive database information.

Published

2025-04-27T02:15:16.080

Last Modified

2025-05-12T19:32:35.470

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-89
Type: Primary
CWE-89

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	zte	zxcloud_goldendb	< 6.1.03.11	Yes
Application	zte	zxcloud_goldendb	7.2.01.01	Yes

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/4693390139849392210 Vendor Advisory ([email protected])