CVE-2025-9461
BaseFortify
Publication date: 2025-08-26
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| diyhi | bbs | to 6.8 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9461 is an information disclosure vulnerability in diyhi bbs up to version 6.8. It exists in the File Compression Handler component, specifically in the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java. The vulnerability arises from improper handling of the idGroup argument, which can be manipulated remotely to compress and download sensitive files, including database credential configuration files. This leads to leakage of sensitive information due to improper access control in the file packaging and download feature. [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized disclosure of sensitive information such as database account passwords and other confidential files. An attacker can remotely exploit this flaw to access and download sensitive files without proper authorization, potentially compromising the confidentiality of your system and data. This could result in further attacks or data breaches. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability can be performed by monitoring for unusual requests manipulating the 'idGroup' parameter in the file packaging and download feature of diyhi bbs up to version 6.8, specifically targeting the endpoint related to FilePackageManageAction.java. Since a public proof-of-concept exploit is available, network intrusion detection systems (NIDS) can be configured to alert on suspicious HTTP requests containing 'idGroup' parameters attempting to access compressed archives. Additionally, reviewing web server logs for requests to the file packaging functionality with unusual or unauthorized 'idGroup' values can help detect exploitation attempts. Specific commands depend on your environment, but examples include using grep on web server logs: `grep 'idGroup=' /var/log/httpd/access_log` or `grep 'idGroup=' /var/log/nginx/access.log` to identify suspicious access patterns. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the file packaging and download functionality to authorized users only, applying strict input validation and access control on the 'idGroup' parameter to prevent unauthorized file access, and monitoring for exploitation attempts. Since no known countermeasures or patches are documented, consider disabling the vulnerable feature if possible or replacing the affected component or product. Additionally, monitor cyber threat intelligence sources for updates or patches and apply them once available. [2]