CVE-2025-9936
BaseFortify
Publication date: 2025-09-04
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fuyang_lipengjun | platform | 1.0.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9936 is a Broken Function Level Authorization vulnerability in the fuyang_lipengjun platform version 1.0.0, specifically in the AdController's queryAll method. This vulnerability allows any authenticated user, even those with low privileges, to send a GET request to the /ad/queryAll endpoint and retrieve a complete list of all advertisement information. Normally, this data should only be accessible to users with administrative privileges. The root cause is that the queryAll method lacks proper permission checks, enabling unauthorized users to access sensitive data. [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized disclosure of sensitive advertisement information to any authenticated user, including those with low privileges. Attackers or unauthorized users can exploit this flaw remotely to access data that should be restricted, potentially leading to information leakage and misuse of the exposed advertisement data. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to access the endpoint /ad/queryAll with an authenticated user account that has low privileges. If the request returns a complete list of advertisement information without proper authorization checks, the system is vulnerable. A simple detection command using curl would be: curl -i -X GET http://host/ad/queryAll -b 'cookie=your_auth_cookie' where 'your_auth_cookie' represents the session cookie of a low-privileged authenticated user. If the response contains advertisement data that should be restricted, the vulnerability exists. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the /ad/queryAll endpoint by implementing proper authorization checks to ensure only administrative or authorized users can access this data. Until a patch is applied, consider blocking or filtering requests to this endpoint from low-privileged users or unauthenticated users at the web application firewall or network level. Additionally, monitor access logs for suspicious requests to /ad/queryAll and review user privileges to limit exposure. [1, 2]