CVE-2025-41373

HIGH

Gandia Integra Total 2.1.2217.3-4.4.2236.1 - Authenticated SQL Injection via idestudio Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-41373. PoCs published by Byte Reaper, byteReaper77.

AI-analyzed exploit summary This exploit demonstrates SQL injection in the `idestudio` parameter of a specific PHP endpoint, using both boolean-based and time-based techniques to detect and exploit the vulnerability. It includes payloads for SQLi detection and WAF bypass checks.

Description

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php.

Exploits (2)

exploitdb WORKING POC

by Byte Reaper · cwebappsmultiple

https://www.exploit-db.com/exploits/52388

View Code ZIP pw:eip

This exploit demonstrates SQL injection in the `idestudio` parameter of a specific PHP endpoint, using both boolean-based and time-based techniques to detect and exploit the vulnerability. It includes payloads for SQLi detection and WAF bypass checks.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: IntegraWeb v2.1.2217.3 to v4.4.2236.1

No auth needed

Prerequisites: Access to the vulnerable endpoint · Network connectivity to the target

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

nomisec WORKING POC 1 stars

by byteReaper77 · poc

https://github.com/byteReaper77/CVE-2025-41373

View Code ZIP pw:eip

This repository contains a functional proof-of-concept exploit for CVE-2025-41373, an authenticated SQL injection vulnerability in Gandia Integra Total. The exploit uses boolean-based and time-based techniques to detect and demonstrate the vulnerability.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Gandia Integra Total

Auth required

Prerequisites: Authenticated access to the target application · Target application must be running Gandia Integra Total

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-gandia-integra-total-tesi

Scores

CVSS v3 8.8

EPSS 0.0013

EPSS Percentile 32.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-89

Status published

Products (1)

tesigandia/gandia_integra_total 2.1.2217.3 - 4.4.2236.1

Published Aug 01, 2025

Tracked Since Feb 18, 2026