CVE-2025-15458

HighPublic PoC

Published: 05 January 2026

Published

05 January 2026

Modified

15 January 2026

KEV Added

—

Patch

—

CVSS Score 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS Score 0.0042 61.8th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Description

A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely.…

The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly remediates the improper authentication flaw in /mc-admin/post-edit.php to prevent exploitation of the Article Handler component.

IA-2 Identification and Authentication (Organizational Users) good match

prevent

Ensures robust identification and authentication for users accessing administrative functions, countering the authentication bypass vulnerability.

AC-3 Access Enforcement good match

prevent

Enforces approved access authorizations to block unauthorized remote access to sensitive admin endpoints like post-edit.php.

Security SummaryAI

CVE-2025-15458 is an improper authentication vulnerability (CWE-287) in bg5sbk MiniCMS versions up to 1.8. The issue resides in an unknown function within the file /mc-admin/post-edit.php of the Article Handler component. It carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), indicating high severity due to its network accessibility and lack of prerequisites for exploitation.

The vulnerability can be exploited remotely by unauthenticated attackers with no privileges required. Successful manipulation bypasses authentication controls, potentially granting unauthorized access to administrative functions related to article editing. This could enable attackers to modify, delete, or create content within the CMS, with low-level impacts on confidentiality, integrity, and availability.

Advisories from VulDB and a GitHub issue in ueh1013/VULN detail the vulnerability but provide no information on patches or vendor-supplied mitigations, as the vendor was contacted early for disclosure coordination yet did not respond. Security practitioners should isolate or decommission affected MiniCMS instances and monitor for exploitation attempts targeting the /mc-admin/post-edit.php endpoint.

The exploit has been publicly disclosed via the referenced GitHub issue and VulDB entries, making it readily available for use by threat actors. No evidence of active in-the-wild exploitation is noted in available sources.

Details

CWE(s): CWE-287 NVD-CWE-noinfo

Affected Products

1234n

minicms

≤ 1.8

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

CVE-2025-15458 is an improper authentication bypass in a public-facing web CMS (/mc-admin/post-edit.php), enabling unauthenticated remote exploitation for unauthorized admin access, directly facilitating T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://github.com/ueh1013/VULN/issues/9
Exploit, Issue Tracking, Third Party Advisory · cna@vuldb.com
https://vuldb.com/?ctiid.339491
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.339491
Third Party Advisory, VDB Entry · cna@vuldb.com
https://vuldb.com/?submit.725142
Third Party Advisory, VDB Entry · cna@vuldb.com
https://github.com/ueh1013/VULN/issues/9
Exploit, Issue Tracking, Third Party Advisory · 134c704f-9b21-4f2e-91b3-4a467353bcc0