CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1915 vulnerabilities reference this CWE, most recent first.
CVE-2025-6531 (GCVE-0-2025-6531)
Vulnerability from cvelistv5 – Published: 2025-06-23 23:31 – Updated: 2025-06-26 14:39| URL | Tags |
|---|---|
| https://vuldb.com/?id.313648 | vdb-entry |
| https://vuldb.com/?ctiid.313648 | signaturepermissions-required |
| https://vuldb.com/?submit.595452 | third-party-advisory |
| https://github.com/geo-chen/BD | related |
| https://github.com/geo-chen/BD?tab=readme-ov-file… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6531",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-26T14:35:20.364444Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-26T14:39:22.401Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/geo-chen/BD"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"RTSP Live Video Stream Endpoint"
],
"product": "BD S1",
"vendor": "SIFUSM",
"versions": [
{
"status": "affected",
"version": "20250611"
}
]
},
{
"modules": [
"RTSP Live Video Stream Endpoint"
],
"product": "BD S1",
"vendor": "MZZYG",
"versions": [
{
"status": "affected",
"version": "20250611"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "geochen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SIFUSM/MZZYG BD S1 up to 20250611. It has been declared as problematic. This vulnerability affects unknown code of the component RTSP Live Video Stream Endpoint. The manipulation leads to improper access controls. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. This dashcam is distributed by multiple resellers and different names."
},
{
"lang": "de",
"value": "In SIFUSM/MZZYG BD S1 bis 20250611 wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Komponente RTSP Live Video Stream Endpoint. Mittels dem Manipulieren mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei im lokalen Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T23:31:06.122Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-313648 | SIFUSM/MZZYG BD S1 RTSP Live Video Stream Endpoint access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.313648"
},
{
"name": "VDB-313648 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.313648"
},
{
"name": "Submit #595452 | BD dashcam BD S1 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.595452"
},
{
"tags": [
"related"
],
"url": "https://github.com/geo-chen/BD"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/geo-chen/BD?tab=readme-ov-file#finding-1-unauthenticated-access-of-livestream-and-download-of-video-recordings"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-23T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-23T16:21:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "SIFUSM/MZZYG BD S1 RTSP Live Video Stream Endpoint access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-6531",
"datePublished": "2025-06-23T23:31:06.122Z",
"dateReserved": "2025-06-23T14:15:52.828Z",
"dateUpdated": "2025-06-26T14:39:22.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6527 (GCVE-0-2025-6527)
Vulnerability from cvelistv5 – Published: 2025-06-23 22:00 – Updated: 2025-06-24 17:01| URL | Tags |
|---|---|
| https://vuldb.com/?id.313644 | vdb-entry |
| https://vuldb.com/?ctiid.313644 | signaturepermissions-required |
| https://vuldb.com/?submit.595448 | third-party-advisory |
| https://github.com/geo-chen/70mai/blob/main/READM… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6527",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-24T16:59:27.519348Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T17:01:19.583Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Web Server"
],
"product": "M300",
"vendor": "70mai",
"versions": [
{
"status": "affected",
"version": "20250611"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "geochen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in 70mai M300 up to 20250611. Affected is an unknown function of the component Web Server. The manipulation leads to improper access controls. The attack can only be initiated within the local network. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in 70mai M300 bis 20250611 gefunden. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Komponente Web Server. Dank Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff im lokalen Netzwerk. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T22:00:15.277Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-313644 | 70mai M300 Web Server access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.313644"
},
{
"name": "VDB-313644 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.313644"
},
{
"name": "Submit #595448 | 70mai dashcam M300 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.595448"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/geo-chen/70mai/blob/main/README.md#finding-5-remotely-dump-all-sensitive-video--audio-recordings"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-23T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-23T16:16:52.000Z",
"value": "VulDB entry last update"
}
],
"title": "70mai M300 Web Server access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-6527",
"datePublished": "2025-06-23T22:00:15.277Z",
"dateReserved": "2025-06-23T14:11:46.823Z",
"dateUpdated": "2025-06-24T17:01:19.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6525 (GCVE-0-2025-6525)
Vulnerability from cvelistv5 – Published: 2025-06-23 21:31 – Updated: 2025-06-24 17:09| URL | Tags |
|---|---|
| https://vuldb.com/?id.313642 | vdb-entry |
| https://vuldb.com/?ctiid.313642 | signaturepermissions-required |
| https://vuldb.com/?submit.595446 | third-party-advisory |
| https://github.com/geo-chen/70mai/blob/main/READM… | exploit |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6525",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-24T17:08:04.058567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T17:09:57.900Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Configuration Handler"
],
"product": "1S",
"vendor": "70mai",
"versions": [
{
"status": "affected",
"version": "20250611"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "geochen (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in 70mai 1S up to 20250611. This vulnerability affects unknown code of the file /cgi-bin/Config.cgi?action=set of the component Configuration Handler. The manipulation leads to improper authorization. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In 70mai 1S bis 20250611 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /cgi-bin/Config.cgi?action=set der Komponente Configuration Handler. Durch Beeinflussen mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Der Angriff kann im lokalen Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-23T21:31:05.407Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-313642 | 70mai 1S Configuration Config.cgi improper authorization",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.313642"
},
{
"name": "VDB-313642 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.313642"
},
{
"name": "Submit #595446 | 70mai dashcam Dash Cam 1S Configuration",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.595446"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/geo-chen/70mai/blob/main/README.md#finding-3-unauthorised-configuration-change"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-23T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-23T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-23T16:16:44.000Z",
"value": "VulDB entry last update"
}
],
"title": "70mai 1S Configuration Config.cgi improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-6525",
"datePublished": "2025-06-23T21:31:05.407Z",
"dateReserved": "2025-06-23T14:11:15.250Z",
"dateUpdated": "2025-06-24T17:09:57.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6325 (GCVE-0-2025-6325)
Vulnerability from cvelistv5 – Published: 2025-11-06 15:56 – Updated: 2026-04-28 18:22- CWE-266 - Incorrect Privilege Assignment
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
| Vendor | Product | Version | |
|---|---|---|---|
| KingAddons.com | King Addons for Elementor |
Affected:
0 , ≤ 51.1.36
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6325",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T16:34:44.930165Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T18:22:03.400Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "king-addons",
"product": "King Addons for Elementor",
"vendor": "KingAddons.com",
"versions": [
{
"changes": [
{
"at": "51.1.37",
"status": "unaffected"
}
],
"lessThanOrEqual": "51.1.36",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abu Hurayra | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:01:03.339Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king-addons allows Privilege Escalation.\u003cp\u003eThis issue affects King Addons for Elementor: from n/a through \u003c= 51.1.36.\u003c/p\u003e"
}
],
"value": "Incorrect Privilege Assignment vulnerability in KingAddons.com King Addons for Elementor king-addons allows Privilege Escalation.This issue affects King Addons for Elementor: from n/a through \u003c= 51.1.36."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:14:10.299Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/king-addons/vulnerability/wordpress-king-addons-for-elementor-plugin-51-1-36-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "WordPress King Addons for Elementor plugin \u003c= 51.1.36 - Privilege Escalation vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2025-6325",
"datePublished": "2025-11-06T15:56:05.901Z",
"dateReserved": "2025-06-19T10:04:18.974Z",
"dateUpdated": "2026-04-28T18:22:03.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-6099 (GCVE-0-2025-6099)
Vulnerability from cvelistv5 – Published: 2025-06-16 01:00 – Updated: 2025-06-16 16:20| URL | Tags |
|---|---|
| https://vuldb.com/?id.312568 | vdb-entry |
| https://vuldb.com/?ctiid.312568 | signaturepermissions-required |
| https://vuldb.com/?submit.589495 | third-party-advisory |
| https://github.com/szluyu99/gin-vue-blog/issues/28 | exploitissue-tracking |
| Vendor | Product | Version | |
|---|---|---|---|
| szluyu99 | gin-vue-blog |
Affected:
61dd11ccd296e8642a318ada3ef7b3f7776d2410
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6099",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-16T16:20:10.655226Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T16:20:25.933Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"PATCH Request Handler"
],
"product": "gin-vue-blog",
"vendor": "szluyu99",
"versions": [
{
"status": "affected",
"version": "61dd11ccd296e8642a318ada3ef7b3f7776d2410"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Tritium (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in szluyu99 gin-vue-blog up to 61dd11ccd296e8642a318ada3ef7b3f7776d2410. It has been declared as critical. This vulnerability affects unknown code of the file gin-blog-server/internal/manager.go of the component PATCH Request Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available."
},
{
"lang": "de",
"value": "In szluyu99 gin-vue-blog bis 61dd11ccd296e8642a318ada3ef7b3f7776d2410 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei gin-blog-server/internal/manager.go der Komponente PATCH Request Handler. Durch die Manipulation mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Dieses Produkt verzichtet auf eine Versionierung und verwendet stattdessen Rolling Releases. Deshalb sind keine Details zu betroffenen oder zu aktualisierende Versionen vorhanden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T01:00:16.170Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-312568 | szluyu99 gin-vue-blog PATCH Request manager.go improper authorization",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.312568"
},
{
"name": "VDB-312568 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.312568"
},
{
"name": "Submit #589495 | szluyu99 https://github.com/szluyu99/gin-vue-blog commit 61dd11ccd296e8642a318ada3ef7b3f7776d2410 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.589495"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/szluyu99/gin-vue-blog/issues/28"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-15T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-15T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-15T09:07:24.000Z",
"value": "VulDB entry last update"
}
],
"title": "szluyu99 gin-vue-blog PATCH Request manager.go improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-6099",
"datePublished": "2025-06-16T01:00:16.170Z",
"dateReserved": "2025-06-15T07:02:21.763Z",
"dateUpdated": "2025-06-16T16:20:25.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5999 (GCVE-0-2025-5999)
Vulnerability from cvelistv5 – Published: 2025-08-01 17:38 – Updated: 2025-08-01 18:08- CWE-266 - Incorrect Privilege Assignment
| Vendor | Product | Version | |
|---|---|---|---|
| HashiCorp | Vault |
Affected:
0.10.4 , < 1.20.0
(semver)
|
|
| HashiCorp | Vault Enterprise |
Affected:
0.10.4 , < 1.20.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5999",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-01T18:08:49.600194Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-01T18:08:59.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Vault",
"repo": "http://github.com/hashicorp/vault",
"vendor": "HashiCorp",
"versions": [
{
"lessThan": "1.20.0",
"status": "affected",
"version": "0.10.4",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"64 bit",
"32 bit",
"x86",
"ARM",
"MacOS",
"Windows",
"Linux"
],
"product": "Vault Enterprise",
"repo": "http://github.com/hashicorp/vault",
"vendor": "HashiCorp",
"versions": [
{
"changes": [
{
"at": "1.19.6",
"status": "unaffected"
},
{
"at": "1.18.11",
"status": "unaffected"
},
{
"at": "1.16.22",
"status": "unaffected"
}
],
"lessThan": "1.20.0",
"status": "affected",
"version": "0.10.4",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA privileged Vault operator with write permissions to the root namespace\u2019s identity endpoint could escalate their own or another user\u2019s token privileges to Vault\u2019s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22.\u003c/p\u003e\u003cbr/\u003e"
}
],
"value": "A privileged Vault operator with write permissions to the root namespace\u2019s identity endpoint could escalate their own or another user\u2019s token privileges to Vault\u2019s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233: Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "CWE-266: Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-01T17:38:58.409Z",
"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"shortName": "HashiCorp"
},
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2025-13-vault-root-namespace-operator-may-elevate-token-privileges/76032"
}
],
"source": {
"advisory": "HCSEC-2025-13",
"discovery": "EXTERNAL"
},
"title": "Vault Root Namespace Operator May Elevate Token Privileges"
}
},
"cveMetadata": {
"assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
"assignerShortName": "HashiCorp",
"cveId": "CVE-2025-5999",
"datePublished": "2025-08-01T17:38:58.409Z",
"dateReserved": "2025-06-11T14:37:52.021Z",
"dateUpdated": "2025-08-01T18:08:59.605Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5791 (GCVE-0-2025-5791)
Vulnerability from cvelistv5 – Published: 2025-06-06 13:10 – Updated: 2025-11-20 07:41- CWE-266 - Incorrect Privilege Assignment
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2025:12359 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2025-5791 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2370001 | issue-trackingx_refsource_REDHAT |
| https://crates.io/crates/users | |
| https://github.com/ogham/rust-users/issues/44 | |
| https://rustsec.org/advisories/RUSTSEC-2025-0040.html |
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0.8.0 , < 0.11.1
(semver)
|
|||
| Red Hat | Red Hat OpenShift sandboxed containers 1.1 |
Unaffected:
sha256:a6f29da891174e57fcfd131da7aa90c50459ba24164111b83120a1b91f2eabba , < *
(rpm)
cpe:/a:redhat:confidential_compute_attestation:1.10::el9 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat Trusted Profile Analyzer |
cpe:/a:redhat:trusted_profile_analyzer:1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5791",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-06T13:40:43.009202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T13:40:47.773Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/ogham/rust-users/",
"defaultStatus": "unaffected",
"packageName": "rust-users",
"versions": [
{
"lessThan": "0.11.1",
"status": "affected",
"version": "0.8.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-sandboxed-containers/osc-rhel9-operator",
"product": "Red Hat OpenShift sandboxed containers 1.1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:a6f29da891174e57fcfd131da7aa90c50459ba24164111b83120a1b91f2eabba",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "rust-ssh-key-dir",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "rust-afterburn",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "kata-containers",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "rust-afterburn",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:trusted_profile_analyzer:1"
],
"defaultStatus": "affected",
"packageName": "rhtpa/rhtpa-trustification-service-rhel9",
"product": "Red Hat Trusted Profile Analyzer",
"vendor": "Red Hat"
}
],
"datePublic": "2025-01-15T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the user\u0027s crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T07:41:09.666Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2025:12359",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12359"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-5791"
},
{
"name": "RHBZ#2370001",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370001"
},
{
"url": "https://crates.io/crates/users"
},
{
"url": "https://github.com/ogham/rust-users/issues/44"
},
{
"url": "https://rustsec.org/advisories/RUSTSEC-2025-0040.html"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-03T13:02:24.781Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-01-15T12:00:00.000Z",
"value": "Made public."
}
],
"title": "Users: `root` appended to group listings",
"x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-5791",
"datePublished": "2025-06-06T13:10:07.157Z",
"dateReserved": "2025-06-06T08:09:10.242Z",
"dateUpdated": "2025-11-20T07:41:09.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5649 (GCVE-0-2025-5649)
Vulnerability from cvelistv5 – Published: 2025-06-05 09:00 – Updated: 2025-06-05 14:07| URL | Tags |
|---|---|
| https://vuldb.com/?id.311139 | vdb-entry |
| https://vuldb.com/?ctiid.311139 | signaturepermissions-required |
| https://vuldb.com/?submit.589458 | third-party-advisory |
| https://github.com/Watskip/GeneralResearch/blob/m… | exploit |
| https://www.sourcecodester.com/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| SourceCodester | Student Result Management System |
Affected:
1.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5649",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T13:18:16.152201Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-05T14:07:31.722Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/Watskip/GeneralResearch/blob/main/Exploits/SRMS/Unauthorized%20privileged%20user%20creation.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Register Interface"
],
"product": "Student Result Management System",
"vendor": "SourceCodester",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Tensei (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SourceCodester Student Result Management System 1.0. This affects an unknown part of the file /admin/core/new_user of the component Register Interface. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in SourceCodester Student Result Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /admin/core/new_user der Komponente Register Interface. Durch Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-05T09:00:17.302Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311139 | SourceCodester Student Result Management System Register Interface new_user access control",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.311139"
},
{
"name": "VDB-311139 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311139"
},
{
"name": "Submit #589458 | SourceCodester Student Result Management System 1.0 Improper Access Control for Register Interface",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.589458"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Watskip/GeneralResearch/blob/main/Exploits/SRMS/Unauthorized%20privileged%20user%20creation.md"
},
{
"tags": [
"product"
],
"url": "https://www.sourcecodester.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-04T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-04T14:38:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "SourceCodester Student Result Management System Register Interface new_user access control"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5649",
"datePublished": "2025-06-05T09:00:17.302Z",
"dateReserved": "2025-06-04T12:32:55.378Z",
"dateUpdated": "2025-06-05T14:07:31.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5522 (GCVE-0-2025-5522)
Vulnerability from cvelistv5 – Published: 2025-06-03 19:00 – Updated: 2025-06-03 19:11| URL | Tags |
|---|---|
| https://vuldb.com/?id.310958 | vdb-entry |
| https://vuldb.com/?ctiid.310958 | signaturepermissions-required |
| https://vuldb.com/?submit.584986 | third-party-advisory |
| https://gitee.com/jack0240/bskms/issues/ICAOOU | exploitissue-tracking |
| Vendor | Product | Version | |
|---|---|---|---|
| jack0240 魏 | bskms 蓝天幼儿园管理系统 |
Affected:
dffe6640b5b54d8e29da6f060e0493fea74b3fad
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5522",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T19:11:35.443411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T19:11:52.108Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"User Creation Handler"
],
"product": "bskms \u84dd\u5929\u5e7c\u513f\u56ed\u7ba1\u7406\u7cfb\u7edf",
"vendor": "jack0240 \u9b4f",
"versions": [
{
"status": "affected",
"version": "dffe6640b5b54d8e29da6f060e0493fea74b3fad"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Eurekya (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in jack0240 \u9b4f bskms \u84dd\u5929\u5e7c\u513f\u56ed\u7ba1\u7406\u7cfb\u7edf up to dffe6640b5b54d8e29da6f060e0493fea74b3fad. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sa/addUser of the component User Creation Handler. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available."
},
{
"lang": "de",
"value": "Eine kritische Schwachstelle wurde in jack0240 \u9b4f bskms \u84dd\u5929\u5e7c\u513f\u56ed\u7ba1\u7406\u7cfb\u7edf bis dffe6640b5b54d8e29da6f060e0493fea74b3fad ausgemacht. Betroffen davon ist ein unbekannter Prozess der Datei /sa/addUser der Komponente User Creation Handler. Durch Beeinflussen mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Dieses Produkt verzichtet auf eine Versionierung und verwendet stattdessen Rolling Releases. Deshalb sind keine Details zu betroffenen oder zu aktualisierende Versionen vorhanden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T19:00:22.162Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-310958 | jack0240 \u9b4f bskms \u84dd\u5929\u5e7c\u513f\u56ed\u7ba1\u7406\u7cfb\u7edf User Creation addUser improper authorization",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.310958"
},
{
"name": "VDB-310958 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.310958"
},
{
"name": "Submit #584986 | Jack\u9b4f \u84dd\u5929\u5e7c\u513f\u56ed\u7ba1\u7406\u7cfb\u7edf 1 Unauthorized access",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584986"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://gitee.com/jack0240/bskms/issues/ICAOOU"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-03T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-03T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-03T11:42:39.000Z",
"value": "VulDB entry last update"
}
],
"title": "jack0240 \u9b4f bskms \u84dd\u5929\u5e7c\u513f\u56ed\u7ba1\u7406\u7cfb\u7edf User Creation addUser improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5522",
"datePublished": "2025-06-03T19:00:22.162Z",
"dateReserved": "2025-06-03T09:37:36.247Z",
"dateUpdated": "2025-06-03T19:11:52.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5511 (GCVE-0-2025-5511)
Vulnerability from cvelistv5 – Published: 2025-06-03 17:00 – Updated: 2025-06-03 17:33| URL | Tags |
|---|---|
| https://vuldb.com/?id.310925 | vdb-entry |
| https://vuldb.com/?ctiid.310925 | signaturepermissions-required |
| https://vuldb.com/?submit.584490 | third-party-advisory |
| https://github.com/uglory-gll/javasec/blob/main/s… | related |
| https://github.com/uglory-gll/javasec/blob/main/s… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| quequnlong | shiyi-blog |
Affected:
1.2.0
Affected: 1.2.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5511",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T17:33:33.729623Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T17:33:48.688Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "shiyi-blog",
"vendor": "quequnlong",
"versions": [
{
"status": "affected",
"version": "1.2.0"
},
{
"status": "affected",
"version": "1.2.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "uglory (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in quequnlong shiyi-blog up to 1.2.1. This issue affects some unknown processing of the file /dev api/app/album/photos/. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Eine Schwachstelle wurde in quequnlong shiyi-blog bis 1.2.1 entdeckt. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code der Datei /dev api/app/album/photos/. Durch Beeinflussen mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T17:00:19.488Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-310925 | quequnlong shiyi-blog photos improper authorization",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.310925"
},
{
"name": "VDB-310925 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.310925"
},
{
"name": "Submit #584490 | quequnlong shiyi-blog 1.2.1 Logical loopholes 1",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.584490"
},
{
"tags": [
"related"
],
"url": "https://github.com/uglory-gll/javasec/blob/main/shiyi-blog.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/uglory-gll/javasec/blob/main/shiyi-blog.md#31bypass-password-verification-and-directly-view-photo-albums"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-03T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-03T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-03T08:03:23.000Z",
"value": "VulDB entry last update"
}
],
"title": "quequnlong shiyi-blog photos improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5511",
"datePublished": "2025-06-03T17:00:19.488Z",
"dateReserved": "2025-06-03T05:58:08.163Z",
"dateUpdated": "2025-06-03T17:33:48.688Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.