CVE-2025-7552
BaseFortify
Publication date: 2025-07-14
Last updated on: 2025-07-15
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dromara | northstar | 7.3.5 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7552 is a critical access control vulnerability in Dromara Northstar (up to version 7.3.5) that occurs in the preHandle function of the AuthorizationInterceptor.java file. The vulnerability arises because the access control logic improperly handles URL-encoded characters in the request path, allowing attackers to bypass authorization checks by encoding parts of the URL. For example, an attacker can access protected APIs like /northstar/log by using an encoded path such as /%6Eorthstar/log, which the system fails to properly decode and verify. This leads to unauthorized access to sensitive resources without valid authentication. [1, 2]
How can this vulnerability impact me?
This vulnerability allows remote attackers to bypass access controls and gain unauthorized access to protected APIs and sensitive data, such as log contents. Since the attack can be performed without authentication and remotely, it poses a significant security risk by compromising the confidentiality, integrity, and availability of the affected system. Attackers could exploit this to access or manipulate sensitive information, potentially leading to data breaches or further exploitation. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to access protected /northstar/* API endpoints using URL-encoded paths that bypass the authorization interceptor. For example, sending a GET request to an endpoint like /%6Eorthstar/log (where %6E is the URL-encoded 'n') should normally be blocked but may return data if vulnerable. A sample command using curl to test this is: `curl -i -X GET "http://<target-host>/%6Eorthstar/log?positionOffset=0&tailNumOfLines=100" -H "Cookie: JSESSIONID=<session-id>"`. If the response is HTTP 200 OK with sensitive data instead of HTTP 401 Unauthorized, the system is vulnerable. [2]
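Added example, not part of this record and not Northstar's own code: a Python model of the prefix-based authorization check described in the explanation above, showing why a raw-path comparison misses /%6Eorthstar/log, a hardened variant that canonicalizes the path before the prefix test, and a scan over constructed access-log lines that applies the detection idea from the answer above retrospectively. It generalizes beyond the single %6E case by also treating double encoding (%256E) and dot-segment paths (/public/../northstar/log) as evasions of the same check. The log format, IP addresses, and all function names are assumptions made for the example.

```python
"""Constructed example: prefix-based authorization bypass via percent-encoded
paths, a canonicalize-then-check hardened variant, and a log scan for
bypass attempts. Not code from the Northstar project."""
import posixpath
import re
from typing import List, Optional
from urllib.parse import unquote

# Protected API prefix named in the advisory.
PROTECTED_PREFIX = "/northstar/"


def canonical_path(raw_path: str) -> Optional[str]:
    """Return the path the routing layer would actually dispatch on.

    One percent-decode, then collapse '.' and '..' segments. A path that
    still contains '%' after a single decode is double-encoded; it is
    rejected (None) rather than guessed at.
    """
    decoded = unquote(raw_path)
    if "%" in decoded:
        return None
    norm = posixpath.normpath(decoded)
    if decoded.endswith("/") and not norm.endswith("/"):
        norm += "/"  # normpath drops the trailing slash; keep it
    return norm


def vulnerable_allows(raw_path: str, authenticated: bool) -> bool:
    """Modelled flaw: the prefix test runs on the raw, undecoded path, so
    '/%6Eorthstar/log' is never recognised as protected even though the
    container decodes it to '/northstar/log' before routing."""
    if raw_path.startswith(PROTECTED_PREFIX):
        return authenticated
    return True  # everything else is treated as public


def hardened_allows(raw_path: str, authenticated: bool) -> bool:
    """Canonicalize first, then apply the prefix test; refuse any request
    whose path cannot be canonicalized unambiguously."""
    path = canonical_path(raw_path)
    if path is None:
        return False
    if path.startswith(PROTECTED_PREFIX) or path == PROTECTED_PREFIX.rstrip("/"):
        return authenticated
    return True


# Combined-log-format line (constructed format assumption for the example).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+'
)


def find_bypass_attempts(log_lines: List[str]) -> List[dict]:
    """Flag requests whose raw path is NOT under the protected prefix but
    canonicalizes to it, or is double-encoded. A 200 on such a request is a
    strong indication the authorization check was bypassed."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        raw_path = m.group("target").split("?", 1)[0]
        if raw_path.startswith(PROTECTED_PREFIX):
            continue  # seen by the normal check; not an evasion attempt
        canon = canonical_path(raw_path)
        if canon is None or canon.startswith(PROTECTED_PREFIX):
            status = int(m.group("status"))
            hits.append({
                "ip": m.group("ip"),
                "raw_path": raw_path,
                "canonical": canon,
                "status": status,
                "succeeded": status == 200,
            })
    return hits


# Constructed sample log lines; addresses are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.7 - - [14/Jul/2025:10:01:02 +0000] "GET /northstar/log?positionOffset=0&tailNumOfLines=100 HTTP/1.1" 401 0',
    '203.0.113.7 - - [14/Jul/2025:10:01:05 +0000] "GET /%6Eorthstar/log?positionOffset=0&tailNumOfLines=100 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [14/Jul/2025:10:01:09 +0000] "GET /%256Eorthstar/log HTTP/1.1" 404 0',
    '198.51.100.4 - - [14/Jul/2025:10:02:00 +0000] "GET /static/app.js HTTP/1.1" 200 8812',
    '198.51.100.4 - - [14/Jul/2025:10:02:01 +0000] "GET /public/../northstar/log HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    print("raw check lets encoded path through:",
          vulnerable_allows("/%6Eorthstar/log", authenticated=False))
    print("hardened check denies it:",
          not hardened_allows("/%6Eorthstar/log", authenticated=False))
    for hit in find_bypass_attempts(SAMPLE_LOG):
        print(hit)
```

The hardened variant rejects double-encoded paths outright instead of decoding repeatedly; decoding in a loop until the string stabilizes would also work, but it reintroduces ambiguity between what the check sees and what the container dispatches on, which is exactly the mismatch that made the raw-path check exploitable.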
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade Dromara Northstar to version 7.3.6, which includes the official patch (commit ID: 8d521bbf531de59b09b8629a9cbf667870ad2541) that fixes the improper access control issue. Until the upgrade can be applied, consider restricting access to the affected APIs via network controls or web application firewalls to prevent exploitation of the URL-encoded path bypass. [1, 2]