CVE-2025-9402 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability was found in HuangDou UTCMS 9. This issue affects some unknown processing of the file app/modules/ut-frame/admin/update.php of the component Con…
Medium CVSS: 5.1

CVE-2025-9402

A vulnerability was found in HuangDou UTCMS 9. This issue affects some unknown processing of the file app/modules/ut-frame/admin/update.php of the component Config Handler. Performing manipulation of the argument UPDATEURL results in server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Vendor
Utcms Project
Product
Utcms
CWE
CWE-918
Yayın Tarihi
2025-08-25 02:15:31
Güncelleme
2025-10-31 14:02:17
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-918 Utcms MEDIUM Utcms Project 2025

Referanslar

https://github.com/August829/Yu/blob/main/20250811_1.md https://github.com/August829/Yu/blob/main/20250811_1.md#poc https://vuldb.com/?ctiid.321238 https://vuldb.com/?id.321238 https://vuldb.com/?submit.632537