cbcvebase.
CVE-2025-4285
published 2025-07-22

CVE-2025-4285: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technologies Agentis allows SQL…

PriorityP265critical10CVSS 3.1
AVNACLPRNUINSCCHIHAH
EPSS
0.33%
24.9th percentile
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technologies Agentis allows SQL Injection. This issue affects Agentis: before 4.32.

Affected

3 ranges
VendorProductVersion rangeFixed in
msrccbl2_binutils_2.37-5_on_cbl_mariner_2.0
msrccm1_binutils_2.36.1-3_on_cbl_mariner_1.0
rolantis_information_technologiesagentis< 4.324.32

CVSS provenance

nvdv3.110.0CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
vendor_msrc5.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.