CVE-2025-5888
Status: Analyzed - Analysis Complete
BaseFortify

Publication date: 2025-06-09

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Published: 2025-06-09
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2025-06-09
EPSS Evaluated: 2026-05-05
External references: NVD, EUVD
Affected Vendors & Products
Showing 1 associated CPE
Vendor: jsnjfz
Product: webstack-guns
Version / Range: 1.0
CWE ID and Description
CWE-352: The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
CWE-862: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-5888 is a Cross-Site Request Forgery (CSRF) vulnerability in WebStack-Guns version 1.0. It occurs because the application fails to verify the authenticity of requests that change sensitive data or user permissions, specifically in files like RoleController.java and UserMgrController.java. An attacker can trick an authenticated user into submitting a malicious request that executes with the user's privileges, allowing unauthorized actions such as changing user permissions or passwords without the user's consent. [1, 2, 4, 5]


How can this vulnerability impact me?

This vulnerability can lead to unauthorized privilege escalation, account access, data manipulation, and potential data leakage. An attacker can exploit it remotely by tricking an authenticated user into submitting forged requests that change user permissions or passwords, potentially compromising account security and data integrity. [1, 2, 4, 5]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for unauthorized or suspicious POST requests to the endpoints /role/setAuthority and /mgr/changePwd, which are vulnerable to CSRF attacks. Detection involves checking for unexpected changes in user permissions or password changes without user consent. Since the vulnerability involves lack of CSRF protections, you can look for requests missing anti-CSRF tokens or requests that succeed even when the Referer header is missing or altered. Tools like Burp Suite or yakit can be used to test these endpoints by sending crafted POST requests without Referer headers to see if the server accepts them. Specific commands are not provided, but using web proxy tools to intercept and modify requests to these endpoints can help detect exploitation attempts. [2, 4, 5]
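The detection approach above can be turned into a log check. The following is an added example, not code from the advisory or from the WebStack-Guns project: it scans web-server access logs in combined format (Referer and User-Agent fields present) for POST requests to the two endpoints named above whose Referer is missing or belongs to a different origin. The trusted origin, the log lines and the regex are constructed assumptions for the example; the endpoint paths are the ones the advisory lists.

```python
import re
from urllib.parse import urlsplit

# State-changing endpoints the advisory names as lacking CSRF protection.
STATE_CHANGING_ENDPOINTS = {"/role/setAuthority", "/mgr/changePwd"}

# Origin the application is legitimately served from (assumption for this example).
TRUSTED_ORIGIN = "https://guns.example.internal"

# Combined log format: ip ident user [time] "METHOD path proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)


def origin_of(url):
    """Reduce a URL to scheme://host[:port] so Referer can be compared to the site origin."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}"


def suspicious_requests(log_lines):
    """Return POSTs to the vulnerable endpoints that arrived without a same-origin Referer.

    A 2xx/3xx status on such a request means the server accepted it, which is
    exactly the condition the advisory describes (no token, no Referer check).
    """
    findings = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue  # unparsable line or a read-only request
        path = urlsplit(m["path"]).path  # drop any query string before matching
        if path not in STATE_CHANGING_ENDPOINTS:
            continue
        referer = m["referer"]
        if referer in ("", "-"):
            reason = "missing Referer"
        elif origin_of(referer) != TRUSTED_ORIGIN:
            reason = f"cross-origin Referer {origin_of(referer)}"
        else:
            continue  # same-origin Referer: not a CSRF indicator on its own
        findings.append({
            "ip": m["ip"],
            "time": m["ts"],
            "path": path,
            "status": int(m["status"]),
            "reason": reason,
        })
    return findings


# Constructed sample log lines for the example (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [09/Jun/2025:10:00:01 +0000] "POST /role/setAuthority HTTP/1.1" 200 57 '
    '"https://guns.example.internal/role" "Mozilla/5.0"',
    '10.0.0.5 - - [09/Jun/2025:10:02:13 +0000] "POST /mgr/changePwd HTTP/1.1" 200 31 '
    '"-" "Mozilla/5.0"',
    '198.51.100.7 - - [09/Jun/2025:10:03:44 +0000] "POST /role/setAuthority?roleId=2 HTTP/1.1" 200 57 '
    '"http://third-party.example/page.html" "Mozilla/5.0"',
    '10.0.0.9 - - [09/Jun/2025:10:05:00 +0000] "GET /mgr/changePwd HTTP/1.1" 200 1204 '
    '"-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for f in suspicious_requests(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} POST {f['path']} -> {f['status']} ({f['reason']})")
```

Only the second and third sample lines are reported: the first has a same-origin Referer and the fourth is a GET. Browsers sometimes strip Referer for privacy, so a missing Referer is a lead to correlate with unexpected permission or password changes, not proof of exploitation.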


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include implementing anti-CSRF tokens in all state-changing requests and verifying these tokens server-side. Additionally, set cookies with the SameSite attribute (Strict or Lax) to prevent cross-origin requests. Validate the Referer header for sensitive actions to ensure requests originate from trusted sources. Use double-submit cookies, where a CSRF token is stored in a cookie and matched against the token submitted in the form. Require additional user verification for sensitive actions, such as password re-entry. If possible, replace or update the affected WebStack-Guns version to a patched release once available. Until then, applying these mitigations can reduce the risk of exploitation. [2, 4, 5]
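The mitigations listed above (SameSite cookie, Origin/Referer validation, double-submit token) can be combined into one server-side check. The following is an added, framework-agnostic example in Python; it is not code from WebStack-Guns, which is a Java application, and the request dictionary shape, cookie and field names, and trusted origin are assumptions made for the example. It issues a CSRF cookie with SameSite=Strict and Secure, then validates state-changing requests by first checking Origin/Referer and then comparing the cookie token to the submitted form token in constant time.

```python
import hmac
import secrets
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

TRUSTED_ORIGIN = "https://guns.example.internal"  # assumption for this example
CSRF_COOKIE = "XSRF-TOKEN"                        # cookie carrying the token
CSRF_FIELD = "_csrf"                              # form field carrying the same token
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def issue_csrf_cookie():
    """Return (token, Set-Cookie header value) for a new double-submit token.

    SameSite=Strict keeps the browser from attaching this cookie to cross-site
    POSTs at all; Secure keeps it off plaintext HTTP.
    """
    token = secrets.token_urlsafe(32)
    jar = SimpleCookie()
    jar[CSRF_COOKIE] = token
    jar[CSRF_COOKIE]["path"] = "/"
    jar[CSRF_COOKIE]["samesite"] = "Strict"
    jar[CSRF_COOKIE]["secure"] = True
    return token, jar.output(header="").strip()


def is_csrf_safe(request):
    """Decide whether a request may change state.

    request is a constructed dict: {"method", "headers", "cookies", "form"}.
    Returns (allowed, reason).
    """
    if request["method"] in SAFE_METHODS:
        return True, "safe method"
    headers = request["headers"]
    # 1. Source check: Origin is preferred, Referer is the fallback. A
    #    state-changing request with neither is rejected rather than trusted.
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False, "no Origin or Referer on state-changing request"
    parts = urlsplit(source)  # Origin "null" also fails this comparison
    if f"{parts.scheme}://{parts.netloc}" != TRUSTED_ORIGIN:
        return False, "cross-origin request"
    # 2. Double-submit check: the token in the cookie must match the token in
    #    the form body. A cross-site page cannot read our cookie to copy it.
    cookie_token = request["cookies"].get(CSRF_COOKIE, "")
    form_token = request["form"].get(CSRF_FIELD, "")
    if not cookie_token or not form_token:
        return False, "missing CSRF token"
    if not hmac.compare_digest(cookie_token, form_token):
        return False, "CSRF token mismatch"
    return True, "ok"


def demo():
    """Run the check over constructed requests to a password-change endpoint."""
    token, _ = issue_csrf_cookie()
    base = {"method": "POST", "headers": {"Origin": TRUSTED_ORIGIN},
            "cookies": {CSRF_COOKIE: token}, "form": {CSRF_FIELD: token, "newPwd": "x"}}
    cases = {
        "legitimate": base,
        "token_missing": {**base, "form": {"newPwd": "x"}},
        "token_mismatch": {**base, "form": {CSRF_FIELD: "0" * 43, "newPwd": "x"}},
        "cross_origin": {**base, "headers": {"Origin": "http://third-party.example"}},
        "no_source_header": {**base, "headers": {}},
        "read_only": {**base, "method": "GET", "form": {}},
    }
    return {name: is_csrf_safe(req) for name, req in cases.items()}


if __name__ == "__main__":
    for name, (allowed, reason) in demo().items():
        print(f"{name:17s} {'ALLOW' if allowed else 'DENY '} {reason}")
```

The form token is compared with hmac.compare_digest so a mismatch does not leak timing information. A plain double-submit cookie can be overwritten by any host that can set cookies for the parent domain, so in production the cookie value should be signed with a server secret or tied to the session, and the SameSite attribute alone should not be relied on for older clients.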

