Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2025-24799: SQL Injection in GLPI

CWE-89: SQL Injection (10 documents, 8 sources)

Severity: 9.8 CRITICAL (NVD); VulnCheck: 7.5
EPSS: 26.0% (top 3.71%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Mar 18; latest update Feb 14

Description

GLPI is a free asset and IT management software package. An unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 10.0.18.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (Exploitability: 3.9 | Impact: 5.9)

Affected Packages (2 packages)

Source     | Package            | Introduced | Fixed
NVD        | glpi-project/glpi  | 10.0.0     | 10.0.18
CVEListV5  | glpi-project/glpi  | >= 10.0.0, < 10.0.18

Vulnerability Details (2)

OSV: CVE-2025-24799: GLPI is a free asset and IT management software package (2025-03-18)
VulnCheck: glpi-project GLPI Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (2025)

Exploits & PoCs (2)

Metasploit: GLPI Inventory Plugin Unauthenticated Blind Boolean SQLi
Nuclei: GLPI < 10.0.17 - Pre-Auth SQL Injection

Detection Rules (2)

Suricata: ET WEB_SPECIFIC_APPS GLPI < 10.0.17 Pre-Auth SQL Injection (CVE-2025-24799) (2025-04-21)
Suricata: ET WEB_SPECIFIC_APPS GLPI Pre-auth SQL Injection (CVE-2025-24799) (2025-03-12)

Threat Intelligence (3)

Bleepingcomputer: One threat actor responsible for 83% of recent Ivanti RCE attacks (2026-02-14)
Greynoiseio: Active Ivanti Exploitation Traced to Single Bulletproof IP—Published IOC Lists Point Elsewhere (2026-02-10)
Greynoiseio: NoiseLetter March 2025