Cyber Posture

CVE-2025-25379

Critical

Published: 28 February 2025

Modified: 15 April 2025
KEV Added: (no date listed)
Patch: (none listed)
CVSS Score: 9.6 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
EPSS Score: 0.0085 (75.0th percentile)
Risk Priority: 20 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

An adversary may rely upon a user clicking a malicious link in order to gain execution.

Security Summary

CVE-2025-25379 is a Cross-Site Request Forgery (CSRF) vulnerability, mapped to CWE-352, affecting 07FLYCMS version 1.3.9. The flaw resides in the del.html component, where a remote attacker can exploit the id parameter to execute arbitrary code. Published on 2025-02-28, it carries a CVSS v3.1 base score of 9.6 (AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H), indicating critical severity due to its potential for high-impact compromise.

The vulnerability can be exploited over the network by a remote attacker holding no privileges, with low attack complexity, but it requires user interaction: an authenticated user must be lured into visiting a malicious site or clicking a forged link. On success the attack changes scope and has high confidentiality, integrity, and availability impact, culminating in arbitrary code execution on the targeted 07FLYCMS instance.
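The defect class described above, seen from the defender's side, as an added example that is not code from 07FLYCMS or from this page: a minimal guard for a delete endpoint that refuses the GET-link shape a forged link relies on, checks the browser's origin signals, and requires a session-bound synchronizer token. The Request type, SITE_ORIGIN and the function names are constructed for the illustration.

```python
import hmac
import secrets
from dataclasses import dataclass, field


# Constructed request shape for this example (hypothetical; not the CMS's own types).
@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)
    query: dict = field(default_factory=dict)


SITE_ORIGIN = "https://cms.example"  # assumed origin the CMS is served from


def issue_csrf_token(session: dict) -> str:
    """Bind a fresh random token to the server-side session; the delete form embeds it."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def check_delete_request(req: Request, session: dict) -> tuple:
    """Decide whether a request to the delete endpoint may perform the deletion.

    Returns (allowed, reason). Every check is independent of the caller's identity
    cookie, which is exactly what a forged cross-site request does carry.
    """
    # 1. A plain link (GET /del.html?id=...) must never change state: a GET can only
    #    render a confirmation page, so a forged link on its own achieves nothing.
    if req.method != "POST":
        return False, "state change requires POST"
    # 2. Browsers attach Origin to cross-site POSTs; anything not our site is refused.
    origin = req.headers.get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return False, f"cross-origin request from {origin}"
    # 3. Sec-Fetch-Site is a second, browser-set signal that cannot be forged by a page.
    if req.headers.get("Sec-Fetch-Site") == "cross-site":
        return False, "Sec-Fetch-Site: cross-site"
    # 4. Synchronizer token: the form value must match the session's token, compared
    #    in constant time (bytes, so a non-ASCII value cannot raise TypeError).
    expected = session.get("csrf_token", "")
    supplied = req.form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "missing or invalid CSRF token"
    if "id" not in req.form:
        return False, "no id to delete"
    return True, f"delete id={req.form['id']}"
```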

Advisories and further details, including potential patches or workarounds, are referenced in the GitHub repository at https://github.com/R2og/Sun-jialiang/tree/main/9/readme.md.

Details

CWE(s): CWE-352 (Cross-Site Request Forgery)

Affected Products

Vendor: 07fly
Product: 07flycms
Version: 1.3.9

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1204.001 Malicious Link (Execution): An adversary may rely upon a user clicking a malicious link in order to gain execution.

Why these techniques?

A CSRF vulnerability in a public-facing CMS that allows remote code execution via a forged link requiring user interaction maps directly to T1190 (exploitation of a public-facing application) and T1204.001 (a malicious link as the user-execution vector).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References