CVE-2025-6106
BaseFortify
Publication date: 2025-06-16
Last updated on: 2026-04-29
Assigner: VulDB
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| 72crm | wukong_crm | 9.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
How can this vulnerability impact me?
This vulnerability can lead to unauthorized modification of user permissions, privilege escalation, unauthorized account access, data manipulation, potential data loss, and unauthorized data leakage. For example, an attacker could grant administrator privileges to a regular user without the administrator's knowledge, compromising the security and integrity of the system. [3]
Can you explain this vulnerability to me?
CVE-2025-6106 is a Cross-Site Request Forgery (CSRF) vulnerability in WuKongOpenSource WukongCRM version 9.0, specifically in the AdminRoleController.java file via the /system/role/relatedUser endpoint. The vulnerability occurs because the application does not properly verify that requests changing user roles or permissions are intentionally submitted by an authenticated user. This allows an attacker to trick an authenticated administrator into submitting a malicious request that can change user permissions without their consent. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unauthorized or suspicious POST requests to the endpoint /system/role/relatedUser, especially those that attempt to change user permissions without proper CSRF tokens or referer validation. Detection can involve inspecting web server logs or using web application firewalls (WAF) to identify requests lacking anti-CSRF tokens or with forged parameters such as userIds and roleIds. Specific commands depend on your environment, but for example, using curl to test the endpoint with and without CSRF tokens or analyzing logs with grep for suspicious POST requests to /system/role/relatedUser can help. However, no exact detection commands are provided in the resources. [3]
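The log-side detection the answer above describes, as an added example that is not part of this page or of WukongCRM: it walks constructed access-log lines and flags POSTs to /system/role/relatedUser whose Referer is missing or cross-origin, or which carry no anti-CSRF token header. It assumes a custom log format that records that header and an assumed trusted CRM origin.

```python
import re
from dataclasses import dataclass, field
# Assumed custom access-log format: NCSA combined log plus one extra quoted
# field holding the request's X-CSRF-TOKEN header ("-" when absent). Format,
# trusted origin and sample lines are constructed for this example.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)" "(?P<csrf>[^"]*)"$'
)
TARGET_PATH = "/system/role/relatedUser"         # endpoint named in the CVE
TRUSTED_ORIGIN = "https://crm.example.internal"  # assumed CRM origin

@dataclass
class Finding:
    line_no: int
    ip: str
    status: str
    reasons: list = field(default_factory=list)

def audit_line(line_no, line):
    """Flag a POST to the role endpoint that lacks CSRF evidence; else None."""
    m = LOG_RE.match(line)
    if not m or m["method"] != "POST" or m["path"].split("?", 1)[0] != TARGET_PATH:
        return None
    reasons, ref = [], m["referer"]
    if ref in ("", "-"):
        reasons.append("missing Referer")
    elif ref != TRUSTED_ORIGIN and not ref.startswith(TRUSTED_ORIGIN + "/"):
        reasons.append("cross-origin Referer: " + ref)
    if m["csrf"] in ("", "-"):
        reasons.append("no anti-CSRF token header")
    return Finding(line_no, m["ip"], m["status"], reasons) if reasons else None

def audit(lines):
    return [f for f in (audit_line(i, l) for i, l in enumerate(lines, 1)) if f]

SAMPLE_LOG = [  # constructed sample lines: 1 benign, 2 and 4 suspicious, 3 unrelated
    '10.0.0.5 - admin [16/Jun/2025:10:01:02 +0000] "POST /system/role/relatedUser HTTP/1.1" 200 41 '
    '"https://crm.example.internal/system/role" "Mozilla/5.0" "tok-9f3a"',
    '10.0.0.5 - admin [16/Jun/2025:10:03:17 +0000] "POST /system/role/relatedUser HTTP/1.1" 200 41 '
    '"https://third-party.example/page.html" "Mozilla/5.0" "-"',
    '10.0.0.9 - - [16/Jun/2025:10:04:00 +0000] "GET /system/role/list HTTP/1.1" 200 812 '
    '"https://crm.example.internal/" "Mozilla/5.0" "-"',
    '10.0.0.5 - admin [16/Jun/2025:10:05:40 +0000] "POST /system/role/relatedUser HTTP/1.1" 200 41 '
    '"-" "Mozilla/5.0" "-"',
]
for f in audit(SAMPLE_LOG):
    print(f"line {f.line_no} {f.ip} HTTP {f.status}: " + "; ".join(f.reasons))
```

A hit with HTTP 200 means the role change went through, so pair each finding with the userIds/roleIds values from the application's own audit trail to see what was changed.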
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing anti-CSRF protections such as adding anti-CSRF tokens to all state-changing forms and actions, setting cookies with the SameSite attribute (Strict or Lax), validating the Referer header for sensitive actions, and using double-submit cookies to verify request authenticity. Additionally, requiring extra user verification for sensitive operations can help prevent unauthorized privilege changes. If possible, consider replacing the affected component with an alternative product as no official vendor patch is available. [3, 2]