CVE-2026-12076

Raytha · Raytha CMS

Raytha CMS contains an SQL injection vulnerability in its OData filter parsing pipeline, enabling unauthenticated remote attackers to execute arbitrary SQL statements against the backend database.

Executive summary

A critical SQL injection vulnerability in the Raytha CMS OData pipeline permits unauthenticated attackers to gain full database compromise and extract sensitive credentials.

Vulnerability

The vulnerability exists within the OData filter parsing pipeline, where unsanitized input is used to construct database queries. This allows an unauthenticated attacker to manipulate queries and execute arbitrary SQL against the PostgreSQL database.

Business impact

The CVSS score of 9.3 reflects the high severity of this flaw, as it grants attackers broad access to the backend database. Successful exploitation could result in the total compromise of stored data, including user credentials and proprietary information, leading to severe regulatory and operational consequences.

Remediation

Immediate Action: Update Raytha to the latest version as soon as a patch is available; consult the vendor advisory for specific versioning details.

Proactive Monitoring: Monitor database query performance and audit logs for unusual OData filter syntax or unexpected data extraction attempts.

Compensating Controls: Implement WAF rules to filter and sanitize OData query parameters and limit database permissions for the service account used by the CMS.
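The following is an added example, not Raytha's code and not a reconstruction of its OData parser. It shows the pattern the vulnerability description above names (filter text spliced into SQL) next to the hardened form, and it serves the "Proactive Monitoring" point as well: the same grammar check that builds the safe query doubles as a rule for flagging log entries whose filter falls outside what the application accepts. Assumptions: a restricted OData-style grammar (`column eq 'value'` joined by `and`), a constructed `content_items` table and column allowlist, sqlite3 standing in for PostgreSQL, and a constructed access-log format.

```python
"""Added illustration, not Raytha's code: a restricted OData-style $filter
subset translated into a parameterized query, beside the concatenation pattern
the advisory describes. sqlite3 stands in for PostgreSQL; table, columns, log
format and log lines are constructed for this example."""
import re
import sqlite3
import urllib.parse

# Constructed allowlist: the only columns a caller may filter on.
ALLOWED_COLUMNS = {"title", "status"}

# Accepted grammar:  <column> eq '<value>' [and <column> eq '<value>' ...]
# OData writes a literal single quote inside a string as two quotes ('').
_TERM = re.compile(r"\s*([A-Za-z_][A-Za-z0-9_]*)\s+eq\s+'((?:[^']|'')*)'")
_AND = re.compile(r"\s+and\s+", re.IGNORECASE)


def parse_filter(text):
    """Return [(column, value), ...]; raise ValueError on anything outside the grammar."""
    terms, pos = [], 0
    while True:
        m = _TERM.match(text, pos)
        if not m:
            raise ValueError(f"unsupported filter syntax near {text[pos:]!r}")
        terms.append((m.group(1), m.group(2).replace("''", "'")))
        pos = m.end()
        if not text[pos:].strip():
            return terms
        conj = _AND.match(text, pos)
        if not conj:
            raise ValueError(f"expected 'and' near {text[pos:]!r}")
        pos = conj.end()


def build_query_unsafe(odata_filter):
    """The vulnerable pattern: the filter text becomes SQL syntax verbatim."""
    return "SELECT id, title FROM content_items WHERE " + odata_filter.replace(" eq ", " = ")


def build_query_safe(odata_filter):
    """Identifiers come only from the allowlist; every value is a bound parameter."""
    clauses, params = [], []
    for column, value in parse_filter(odata_filter):
        if column not in ALLOWED_COLUMNS:
            raise ValueError(f"column not filterable: {column!r}")
        clauses.append(f'"{column}" = ?')
        params.append(value)
    sql = "SELECT id, title FROM content_items WHERE " + " AND ".join(clauses) + " ORDER BY id"
    return sql, params


def demo_db():
    """In-memory stand-in for the CMS database, seeded with constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE content_items (id INTEGER PRIMARY KEY, title TEXT, status TEXT)")
    conn.executemany("INSERT INTO content_items (title, status) VALUES (?, ?)",
                     [("Welcome", "published"), ("Draft post", "draft"),
                      ("O'Reilly review", "published")])
    return conn


def run_safe(conn, odata_filter):
    sql, params = build_query_safe(odata_filter)
    return [row[1] for row in conn.execute(sql, params)]


def safe_rejects(odata_filter):
    """True when the hardened path refuses the filter instead of querying."""
    try:
        build_query_safe(odata_filter)
    except ValueError:
        return True
    return False


def unsafe_parses_as_sql(conn, odata_filter):
    """True when the concatenated text reaches the SQL parser as new syntax;
    a benign apostrophe in a value is enough to show it. False if it ran cleanly."""
    try:
        conn.execute(build_query_unsafe(odata_filter))
    except sqlite3.OperationalError:
        return True
    return False


def flag_nonconforming(log_lines):
    """Monitoring helper: flag requests whose $filter is outside the accepted grammar.
    Constructed log format: '<timestamp> <method> <path?query> <status>'."""
    flagged = []
    for line in log_lines:
        query = urllib.parse.urlsplit(line.split()[2]).query
        for text in urllib.parse.parse_qs(query).get("$filter", []):
            try:
                build_query_safe(text)
            except ValueError as exc:
                flagged.append((line, str(exc)))
    return flagged


SAMPLE_LOG = [  # constructed access-log lines
    "2026-01-01T10:00:00Z GET /api/items?$filter=status%20eq%20%27published%27 200",
    "2026-01-01T10:00:05Z GET /api/items?$filter=title%20eq%20%27O%27%27Reilly%20review%27 200",
    "2026-01-01T10:00:09Z GET /api/items?$filter=substringof(%27a%27,title) 500",
    "2026-01-01T10:00:12Z GET /api/items?$filter=password%20eq%20%27x%27 500",
]

if __name__ == "__main__":
    db = demo_db()
    print(run_safe(db, "status eq 'published'"))
    for line, why in flag_nonconforming(SAMPLE_LOG):
        print("review:", line, "->", why)
```

The design point is that the hardened builder never lets caller text become SQL structure: column names are checked against a fixed set before they are quoted into the statement, and values travel as parameters. Because the parser fails closed on any unrecognised syntax, running it over request logs gives a cheap, low-noise review list; a flagged entry is not necessarily an attack, only something the application would not have accepted.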

Exploitation status

Public Exploit Available: Not specified

Analyst recommendation

This vulnerability represents a significant risk to organizational data. Administrators should monitor the vendor's security channels closely for patch releases and apply updates immediately upon availability to prevent unauthorized database access.