CVE-2025-6865
BaseFortify
Publication date: 2025-06-29
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| daicuo | daicuo | to 1.3.13 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6865 is a Cross-Site Request Forgery (CSRF) vulnerability in DaiCuo CMS up to version 1.3.13, specifically in the /admin.php/addon/index component. It allows an attacker to trick an authenticated user into performing unauthorized actions without their consent by exploiting insufficient verification of requests. The attack can be initiated remotely and does not require the attacker to be authenticated. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing remote attackers to perform unauthorized actions on your DaiCuo CMS installation without your knowledge or consent. Since the attack exploits authenticated users, it can compromise the integrity of your application by executing unintended commands or changes, potentially leading to misuse or disruption of your system. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this CSRF vulnerability involves monitoring for unauthorized or suspicious POST requests to the /admin.php/addon/index endpoint that could be exploiting the lack of CSRF protections. Since the exploit is publicly available, network intrusion detection systems (NIDS) can be configured to look for known exploit patterns targeting this path. Additionally, reviewing web server logs for unusual requests or unexpected actions performed without proper CSRF tokens can help identify exploitation attempts. Specific commands are not provided in the resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing or upgrading the affected DaiCuo CMS software to a version that addresses this vulnerability if available. Since no known mitigations or countermeasures have been identified, it is recommended to implement CSRF protections such as verifying CSRF tokens on sensitive endpoints like /admin.php/addon/index. Restricting access to the admin interface by IP or requiring additional authentication factors can also reduce risk. Monitoring and blocking suspicious requests targeting this endpoint is advised until a patch is applied. [2]