PatchSiren cyber security CVE debrief
CVE-2025-4764 Aida Computer Information Technology Inc. CVE debrief
CVE-2025-4764 is a SQL Injection vulnerability in Aida Computer Information Technology's Hotel Guest Hotspot, affecting versions through 22012026. The vulnerability has a CVSS score of 8 and is classified as HIGH severity. The CVE was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2025-4764) and last modified on [cveModifiedAt](https://nvd.nist.gov/vuln/detail/CVE-2025-4764).
- Vendor
- Aida Computer Information Technology Inc.
- Product
- Hotel Guest Hotspot
- CVSS
- HIGH 8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-01-22
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-01-22
- Advisory updated
- 2026-06-05
Who should care
Users of Aida Computer Information Technology's Hotel Guest Hotspot should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability is caused by improper neutralization of special elements used in an SQL command, allowing for SQL injection attacks. The affected product is Hotel Guest Hotspot, with versions through 22012026 being vulnerable.
Defensive priority
HIGH
Recommended defensive actions
- Update Hotel Guest Hotspot to a version that is not vulnerable.
- Implement proper input validation and sanitization to prevent SQL injection attacks.
Evidence notes
The vendor was contacted early about this disclosure but did not respond in any way.
Official resources
-
CVE-2025-4764 CVE record
CVE.org
-
CVE-2025-4764 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
-
Mitigation or vendor reference
[email protected] - Third Party Advisory
CVE-2025-4764 was published on 2026-01-22T10:16:07.520Z and last modified on 2026-06-05T16:16:33.423Z.