June 26, 2025

CVE-2025-53122 - SQLi in OpenNMS Horizon and Meridian

1. Vulnerability Properties

Title: SQLi in OpenNMS Horizon and Meridian
CVE ID: CVE-2025-53122
CVSSv4 Base Score: 6.9 /AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Vendor: The OpenNMS Group
Products: OpenNMS Horizon
Advisory Release Date: 26/06/2025
Advisory URL: https://labs.integrity.pt/advisories/cve-2025-53122
Credits: Discovery by Fábio Tomé fabio.tome@devoteam.com

2. Vulnerability Summary

OpenNMS is an open-source network monitoring platform to visualize and monitor your local and distributed networks. Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in OpenNMS Horizon and Meridian applications allows SQL Injection.

4. Vulnerable Versions

>= 25.2.1, <= 33.1.6, 33.1.7
>= 33.0.8, <= 33.1.6, 33.1.7
unknown from >= 25.2.1, <= 33.1.6, 33.1.7

5. Solution

upgrade to Meridian 2024.2.6 or newer, or Horizon 33.16 or newer

6. Vulnerability Timeline.

26/04/2024 - Bug reported to OpenNMS
13/04/2025 - Bug verified by OpenNMS
22/04/2025 - Solved by OpenNMS
26/06/2025 - Advisory released

7. References

https://nvd.nist.gov/vuln/detail/CVE-2025-53122
https://github.com/OpenNMS/opennms/pull/7709
https://opennms.atlassian.net/browse/NMS-17876
https://github.com/advisories/GHSA-gf77-whxf-fmrr

CVE-2025-53121 - Multiple stored XSS in OpenNMS Horizon