CVE-2025-52694

CRITICAL NUCLEI

Advantech IoT Edge Linux Docker < 2.0.2 - Unauthenticated SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-52694. PoCs published by Winz18. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository contains a functional Python PoC and Nuclei template for CVE-2025-52694, an unauthenticated SQL injection vulnerability in Advantech IoTSuite/SaaS Composer. The exploit leverages time-based injection via PostgreSQL's pg_sleep function to confirm vulnerability.

Description

Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote attacker to execute arbitrary SQL commands on the vulnerable service when it is exposed to the Internet, potentially affecting data confidentiality, integrity, and availability. Users and administrators of affected product versions are advised to update to the latest versions immediately.

Exploits (1)

nomisec WORKING POC 3 stars
by Winz18 · poc
https://github.com/Winz18/CVE-2025-52694-POC

Classification: Working PoC (95%)
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: Advantech IoTSuite/SaaS Composer (versions prior to 3.4.15, V2.0.2)
No auth needed
Prerequisites: Network access to the target endpoint · Valid organization ID (1-5)
devstral-2 · analyzed Feb 19, 2026

Nuclei Templates (1)

Advantech WISE-IoTSuite/SaaS - SQL Injection
CRITICAL · VERIFIED · by Loi Nguyen Thang
Shodan: title:"SaaS Composer"
FOFA: title="SaaS Composer"

Scores

CVSS v3 10.0
EPSS 0.1495
EPSS Percentile 94.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE CWE-89
Status published
Products (5)
advantech/iot_edge_linux_docker < 2.0.2
advantech/iot_edge_windows < 2.0.2
advantech/iotsuite_growth_linux_docker < 2.0.2
advantech/iotsuite_saas_composer < 3.4.15
advantech/iotsuite_starter_linux_docker < 2.0.2
Published Jan 12, 2026
Tracked Since Feb 18, 2026