CVE-2025-9514
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-27

Last updated on: 2025-11-26

Assigner: VulDB

Description
A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is said to be difficult. The vendor deleted the GitHub issue for this vulnerability without and explanation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-27
Last Modified
2025-11-26
Generated
2026-06-16
AI Q&A
2025-08-27
EPSS Evaluated
2026-06-14
NVD
CVE-2025-9514
EUVD
EUVD-2025-28864
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
macrozheng mall to 1.0.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-521 The product does not require that users should have strong passwords.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in macrozheng mall up to version 1.0.3, specifically in the Registration component. It allows manipulation that leads to weak password requirements. The attack can be executed remotely but is highly complex and difficult to exploit. The vendor removed the related GitHub issue without explanation.

Impact Analysis

The vulnerability can lead to weak password enforcement during user registration, potentially allowing attackers to create accounts with weak passwords. This could increase the risk of unauthorized access if attackers exploit weak credentials. However, the attack is complex and difficult to execute remotely.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9514. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart