CVE-2025-8839
BaseFortify
Publication date: 2025-08-11
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jishenghua | jsherp | 3.5 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8839 is an improper authorization flaw (CWE-285), reported as an Insecure Direct Object Reference (IDOR), in jshERP up to version 3.5, located in the /jshERP-boot/user/addUser endpoint. The endpoint creates user accounts, but it does not verify that the caller is permitted to manage users. Any authenticated low-privilege user can therefore create new accounts, including accounts assigned administrative or otherwise elevated roles (CWE-266). The net effect is privilege escalation: an operation that should be limited to system administrators is reachable by ordinary users. [1, 2, 3]
How can this vulnerability impact me?
An attacker who holds any valid low-privilege account can create an administrator-level account (or an account with permissions it should not have), log in as that account, and from there control the application: read or alter business data, change other users' permissions, and bypass security controls, affecting confidentiality, integrity and availability. Because the flaw is reachable remotely over the normal web interface and needs only an authenticated low-privilege session, it is a significant risk on any internet-facing or multi-user deployment. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Two complementary approaches apply: passive detection in logs and an active check of the endpoint.

Passive detection: filter web server or reverse proxy access logs for HTTP POST requests to /jshERP-boot/user/addUser and correlate each request's session or user with that account's role in the application. Any such request from a non-administrative session is suspect, and a 2xx response to it suggests an account was actually created. Independently, review the application's user table and audit log for accounts created outside change windows, created by accounts that should not have that capability, or holding administrative roles you did not assign.

Active check: using a deliberately low-privilege account on a system you are authorized to test, replay the request the application's UI sends when an administrator adds a user and see whether it succeeds. Illustrative command (the URL, cookie name and JSON field names are placeholders and are not confirmed by the advisory; capture the real request body and session cookie from your own browser session and substitute them):

```bash
curl -X POST -H "Content-Type: application/json" \
  -d '{"loginName":"testuser","userName":"test","roleId":1}' \
  --cookie "session=your_session_cookie" \
  https://your-jshERP-domain/jshERP-boot/user/addUser
```

If the response indicates success and the new account appears in the user list, the instance is vulnerable; a 401/403 or an authorization error indicates the check is enforced. Remove any test account afterwards. [1]
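The passive detection described above, as an added example that is not part of the BaseFortify page or the jshERP project: it parses constructed access-log lines, keeps only POSTs to the addUser endpoint, and flags those whose session is not known to belong to an administrator. The log format (combined format plus a trailing session-id field) and the session-to-role mapping are assumptions; in practice you would take the mapping from the application's own session store or user table.

```python
"""
Added example (not from BaseFortify or the jshERP project): scan access-log
lines for POST requests to the addUser endpoint and flag those made by
sessions that are not known to belong to an administrator.

Assumptions (not from the advisory): a combined-style access log whose
final field is an application-specific session id, and a separate mapping
of session id -> role that you would pull from the application's own
session store. The log lines below are constructed for illustration.
"""
import re
from typing import Dict, Iterable, List, Optional

ADD_USER_PATH = "/jshERP-boot/user/addUser"

# Combined log format with one trailing field for the session id
# (the trailing field is an assumption; adapt the regex to your log format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "[^"]*" (?P<session>\S+)$'
)

# Constructed session -> role mapping (hypothetical; take it from the app's session store).
SESSION_ROLES: Dict[str, str] = {
    "sess-admin-01": "admin",
    "sess-user-07": "user",
}

# Constructed sample log lines, for illustration only.
SAMPLE_LOG = """\
10.0.0.5 - - [11/Aug/2025:10:01:12 +0000] "POST /jshERP-boot/user/addUser HTTP/1.1" 200 84 "-" "Mozilla/5.0" sess-admin-01
10.0.0.9 - - [11/Aug/2025:10:02:40 +0000] "POST /jshERP-boot/user/addUser HTTP/1.1" 200 84 "-" "python-requests/2.31" sess-user-07
10.0.0.9 - - [11/Aug/2025:10:02:41 +0000] "GET /jshERP-boot/user/list HTTP/1.1" 200 1290 "-" "python-requests/2.31" sess-user-07
10.0.0.12 - - [11/Aug/2025:10:03:05 +0000] "POST /jshERP-boot/user/addUser HTTP/1.1" 403 31 "-" "curl/8.4.0" sess-unknown-99
"""


def parse_line(line: str) -> Optional[dict]:
    """Split one access-log line into named fields, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_suspicious_add_user(lines: Iterable[str], session_roles: Dict[str, str]) -> List[dict]:
    """Return addUser POSTs that were not made by a known admin session.

    A 2xx response from a non-admin session is the strongest signal: the
    endpoint accepted the account creation. Non-2xx attempts are still
    reported (verdict 'attempt') because probing usually precedes exploitation.
    """
    findings = []
    for line in lines:
        rec = parse_line(line)
        if not rec or rec["method"] != "POST":
            continue
        if rec["path"].split("?", 1)[0] != ADD_USER_PATH:  # ignore any query string
            continue
        role = session_roles.get(rec["session"], "unknown")
        if role == "admin":
            continue
        succeeded = rec["status"].startswith("2")
        findings.append({
            "ip": rec["ip"],
            "ts": rec["ts"],
            "session": rec["session"],
            "role": role,
            "status": int(rec["status"]),
            "verdict": "likely_exploited" if succeeded else "attempt",
        })
    return findings


if __name__ == "__main__":
    for finding in find_suspicious_add_user(SAMPLE_LOG.splitlines(), SESSION_ROLES):
        print(finding)
```

Run against real logs by replacing SAMPLE_LOG with the file contents and SESSION_ROLES with the live session-to-role mapping; the admin line is dropped, the low-privilege 200 is reported as likely exploitation, and the unknown-session 403 is reported as an attempt.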
What immediate steps should I take to mitigate this vulnerability?
Until a fixed jshERP release is available, rely on compensating controls. Restrict /jshERP-boot/user/addUser at the reverse proxy or WAF so that it is reachable only from administrator workstations or an administrative network. If you can modify the application, enforce before any account is created that the caller holds a user-management role and that the role assigned to the new account is never higher than the caller's own. Audit the existing user table for accounts you did not create, especially any holding administrative roles, remove them, and rotate administrative credentials if exploitation is suspected. Keep monitoring user-creation events and tighten access-control and session-management policies. No vendor fix or official countermeasure is known at the time of writing; apply an update as soon as one is published, or replace the affected component. [1, 3]
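The in-application check recommended above, as an added example that is not jshERP's own code (jshERP is a Java/Spring Boot application; this is a self-contained Python model of the pattern): a handler with the CWE-285 shape the advisory describes, beside a hardened handler that verifies the caller's role and refuses to assign a role above the caller's own. The role hierarchy, Session and UserStore types, and the request body field names are assumptions for illustration.

```python
"""
Added example, not jshERP's own code: the authorization pattern whose
absence the advisory describes, shown as a vulnerable handler next to a
hardened one. Role names, the session and store types, and the request
body shape are assumptions for illustration only.
"""
from dataclasses import dataclass, field
from typing import Optional

# Hypothetical role hierarchy; a caller may only assign roles of equal or lower rank.
ROLE_RANK = {"user": 1, "manager": 2, "admin": 3}
USER_MANAGEMENT_MIN_RANK = ROLE_RANK["manager"]


class AuthorizationError(Exception):
    pass


@dataclass
class Session:
    user_id: int
    role: str


@dataclass
class User:
    user_id: int
    login_name: str
    role: str


@dataclass
class UserStore:
    users: dict = field(default_factory=dict)  # login_name -> User
    next_id: int = 1

    def create(self, login_name: str, role: str) -> User:
        if login_name in self.users:
            raise ValueError("login name already exists")
        if role not in ROLE_RANK:
            raise ValueError("unknown role")
        user = User(self.next_id, login_name, role)
        self.users[login_name] = user
        self.next_id += 1
        return user


def add_user_vulnerable(store: UserStore, session: Optional[Session], body: dict) -> User:
    """CWE-285 shape: authentication is checked, authorization is not.
    Any logged-in caller may create an account, and the role comes straight
    from the request body, so a low-privilege caller can mint an admin (CWE-266)."""
    if session is None:
        raise AuthorizationError("login required")
    return store.create(body["loginName"], body.get("role", "user"))


def add_user_hardened(store: UserStore, session: Optional[Session], body: dict) -> User:
    """Three checks before the store is touched:
    1. the caller is authenticated;
    2. the caller's own role permits user management;
    3. the role being assigned is not above the caller's own rank."""
    if session is None:
        raise AuthorizationError("login required")
    caller_rank = ROLE_RANK.get(session.role, 0)
    if caller_rank < USER_MANAGEMENT_MIN_RANK:
        raise AuthorizationError("user management not permitted for role %r" % session.role)
    requested_role = body.get("role", "user")
    if requested_role not in ROLE_RANK:
        raise ValueError("unknown role")
    if ROLE_RANK[requested_role] > caller_rank:
        raise AuthorizationError("cannot assign a role above your own")
    return store.create(body["loginName"], requested_role)


def is_denied(handler, store: UserStore, session: Optional[Session], body: dict) -> bool:
    """True if the handler refused the request on authorization grounds."""
    try:
        handler(store, session, body)
        return False
    except AuthorizationError:
        return True


if __name__ == "__main__":
    store = UserStore()
    low = Session(user_id=7, role="user")
    print("vulnerable, low-privilege caller creates an admin:",
          add_user_vulnerable(store, low, {"loginName": "evil", "role": "admin"}))
    print("hardened, same request denied:",
          is_denied(add_user_hardened, store, low, {"loginName": "evil2", "role": "admin"}))
```

The important design point is the third check: even after restricting account creation to a management role, a handler that copies the requested role straight from the body still lets a manager create an administrator. Comparing ranks closes that path.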