CVE-2025-50586
BaseFortify
Publication date: 2025-07-18
Last updated on: 2025-09-09
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| daycloud | studentmanage | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-50586 is a Cross-Site Request Forgery (CSRF) vulnerability in the "add student" interface of StudentManage v1.0. It allows an attacker to add a new student record without proper authorization by exploiting the lack of CSRF protection. Specifically, the addStudentController does not validate CSRF tokens, so if an authenticated admin clicks a malicious link crafted by an attacker, a new student can be added without the admin's explicit consent. [1]
How can this vulnerability impact me?
This vulnerability can allow an attacker to perform unauthorized actions on behalf of an authenticated administrator, such as adding fake student records to the system. This can lead to data integrity issues, unauthorized data manipulation, and potential misuse of the system's administrative functions without the administrator's knowledge. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This CSRF vulnerability can be detected by monitoring for unexpected requests to the addStudent endpoint that carry parameters such as studentNo, studentName, idCard, gender, age and year. Since the vulnerability is triggered by a GET request issued from a malicious webpage, inspect the web server access logs for suspicious GET requests to the addStudentController; a command such as `grep 'addStudent' /path/to/access.log` on the server is a quick first pass. Testing the addStudent interface with a tool like Burp Suite or OWASP ZAP for missing CSRF tokens can confirm the vulnerability. [1]
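A more precise version of the log check above, as an added example that is not from BaseFortify or the StudentManage project: it parses constructed combined-format access-log lines and flags addStudent requests that change state over GET or arrive with a missing or cross-site Referer. The trusted host name, paths and log lines are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - admin [18/Jul/2025:10:01:02 +0000] "GET /studentmanage/index HTTP/1.1" 200 512 "https://sms.example.internal/login" "Mozilla/5.0"
10.0.0.5 - admin [18/Jul/2025:10:01:40 +0000] "GET /studentmanage/addStudent?studentNo=2025001&studentName=Test&idCard=123&gender=M&age=20&year=2025 HTTP/1.1" 302 0 "https://evil.example/lure.html" "Mozilla/5.0"
10.0.0.7 - admin [18/Jul/2025:10:02:10 +0000] "POST /studentmanage/addStudent HTTP/1.1" 302 0 "https://sms.example.internal/student/new" "Mozilla/5.0"
10.0.0.9 - - [18/Jul/2025:10:03:00 +0000] "GET /studentmanage/addStudent?studentNo=2025002&studentName=X HTTP/1.1" 302 0 "-" "curl/8.0"
"""

TRUSTED_HOST = "sms.example.internal"  # assumed: the host that serves StudentManage
# Parameters named in the advisory for the add-student request.
STUDENT_PARAMS = {"studentNo", "studentName", "idCard", "gender", "age", "year"}

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def find_csrf_candidates(log_text, trusted_host=TRUSTED_HOST):
    """Return (ip, user, referer, reasons) for addStudent requests worth review."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        parts = urlsplit(m["target"])
        if "addstudent" not in parts.path.lower():
            continue  # only the vulnerable endpoint is of interest
        params = set(parse_qs(parts.query).keys())
        reasons = []
        # A state change carried in a GET is exactly the pattern the advisory describes.
        if m["method"] == "GET" and params & STUDENT_PARAMS:
            reasons.append("state-changing GET with student fields")
        ref_host = urlsplit(m["referer"]).hostname if m["referer"] != "-" else None
        if ref_host is None:
            reasons.append("missing Referer")
        elif ref_host != trusted_host:
            reasons.append(f"cross-site Referer {ref_host}")
        if reasons:
            findings.append((m["ip"], m["user"], m["referer"], reasons))
    return findings
```

A missing Referer on its own is a weak signal (browsers strip it under some referrer policies), so treat those hits as candidates for review rather than confirmed exploitation.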
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to implement CSRF protection on critical operations like adding students. This typically involves including and validating CSRF tokens in requests to ensure that actions are authorized and not initiated from external malicious sites. Until a patch is applied, restrict access to the addStudent functionality to trusted users only, and educate users to avoid clicking suspicious links while authenticated. Monitoring and logging suspicious requests can also help detect exploitation attempts. [1]