CVE-2025-8345

MEDIUM

Lingdang CRM < 8.6.5.2 - SQL Injection via yunzhijiaApi.php delete_user Function

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-8345. PoCs published by iSee857.

AI-analyzed exploit summary The repository contains a functional exploit PoC for CVE-2026-22812, targeting OpenCode for remote command execution (RCE). The script establishes a session, then sends a crafted JSON payload to execute the 'id' command, verifying RCE by checking for 'uid=' and 'gid=' in the response.

Description

A vulnerability classified as critical was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this vulnerability is the function delete_user of the file crm/WeiXinApp/yunzhijia/yunzhijiaApi.php. The manipulation of the argument function leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.6.5.2 is able to address this issue. It is recommended to upgrade the affected component.

Exploits (1)

github WORKING POC 40 stars

by iSee857 · pythonpoc

https://github.com/iSee857/CVE-PoC/tree/main/LingDangCRM-CVE-2025-8345-sqlInjection.py

View Code ZIP pw:eip

The repository contains a functional exploit PoC for CVE-2026-22812, targeting OpenCode for remote command execution (RCE). The script establishes a session, then sends a crafted JSON payload to execute the 'id' command, verifying RCE by checking for 'uid=' and 'gid=' in the response.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: OpenCode (version unspecified)

No auth needed

Prerequisites: Network access to the target · OpenCode service running and accessible

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry technical-description

https://vuldb.com/?id.318295

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.318295

Third Party Advisory, VDB Entry third-party-advisory

https://vuldb.com/?submit.617844

Broken Link exploit

https://github.com/jackyliu666/blob01/blob/main/README.md

Scores

CVSS v3 6.3

EPSS 0.0029

EPSS Percentile 20.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-74 CWE-89

Status published

Products (1)

51mis/lingdang_crm < 8.6.5.2

Published Jul 31, 2025

Tracked Since Feb 18, 2026