CVE-2025-30062 MEDIUM

CVE-2025-30062: SQL injection in CheckUnitCodeAndKey.pl

Vendor Cgm

Product CGM CLININET

Weakness CWE-89 · SQLi

Published March 2, 2026

Last update March 2, 2026

CVSS base score

6.9/10

Attack vector Adjacent

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

In the "CheckUnitCodeAndKey.pl" service, the "validateOrgUnit" function is vulnerable to SQL injection.

Key dates

March 2, 2026 CVE published

March 2, 2026 Record updated

External resources

Related vulnerabilities