CVE-2025-51458

MEDIUM

DB-GPT 0.7.0 - SQL Injection via /v1/editor/sql/run or /v1/editor/chart/run Endpoints

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-51458. PoCs published by q1uf3ng.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2025-51458, a pre-auth SQL injection vulnerability in DB-GPT <= 0.7.0. The exploit targets the `/api/v1/editor/sql/run` and `/api/v1/editor/chart/run` endpoints, which accept arbitrary SQL without authentication. The provided Python script demonstrates the vulnerability by executing custom SQL queries, dumping database schemas, and bypassing the DuckDB blacklist via comment obfuscation.

Description

SQL Injection in editor_sql_run and query_ex in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary SQL statements via crafted input passed to the /v1/editor/sql/run or /v1/editor/chart/run endpoints, interacting with api_editor_v1.editor_sql_run, editor_chart_run, and datasource.rdbms.base.query_ex.

Exploits (1)

nomisec WORKING POC

by q1uf3ng · poc

https://github.com/q1uf3ng/CVE-2025-51458-exp

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2025-51458, a pre-auth SQL injection vulnerability in DB-GPT <= 0.7.0. The exploit targets the `/api/v1/editor/sql/run` and `/api/v1/editor/chart/run` endpoints, which accept arbitrary SQL without authentication. The provided Python script demonstrates the vulnerability by executing custom SQL queries, dumping database schemas, and bypassing the DuckDB blacklist via comment obfuscation.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: DB-GPT <= 0.7.0

No auth needed

Prerequisites: Network access to the target DB-GPT instance

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Apr 15, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Issue Tracking

https://github.com/eosphoros-ai/DB-GPT/pull/2650

Exploit, Vendor Advisory

https://www.gecko.security/blog/cve-2025-51458

Scores

CVSS v3 6.5

EPSS 0.0031

EPSS Percentile 22.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-89

Status published

Products (1)

dbgpt/db-gpt 0.7.0

Published Jul 22, 2025

Tracked Since Feb 18, 2026