CVE-2025-11272
BaseFortify

Publication date: 2025-10-04

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability has been found in SeriaWei ZKEACMS up to 4.3. This affects the function Delete of the file src/ZKEACMS.Redirection/Controllers/UrlRedirectionController.cs of the component POST Request Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Published: 2025-10-04
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2025-10-04
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor     Product   Version / Range
seriawei   zkeacms   4.3
CWE
CWE ID    Description
CWE-285   The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CWE-266   A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-11272 is an improper authorization vulnerability in SeriaWei ZKEACMS up to version 4.3. The issue exists in the Delete method of the UrlRedirectionController, which lacks any permission or authorization checks. This allows an attacker to send an unauthenticated POST request to the endpoint /admin/UrlRedirection/Delete/{id} and delete URL redirection rules without any permissions. The vulnerability is remotely exploitable and has a public proof-of-concept exploit available. [1, 2, 3]


How can this vulnerability impact me?

This vulnerability can disrupt the normal functioning of a website by allowing unauthorized deletion of URL redirection rules. This can cause users to encounter 404 errors when accessing redirected pages, negatively impacting user experience and SEO. It compromises the integrity and availability of the system by allowing attackers to remove important redirection configurations. [1, 2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for unauthorized POST requests to the endpoint /admin/UrlRedirection/Delete/{id} made without authentication or proper permissions. Network or web server logs can be inspected for such suspicious POST requests targeting this URL pattern. A simple check is to use a tool such as curl or wget against the endpoint, for example: curl -X POST http://<target>/admin/UrlRedirection/Delete/1 -v, to see whether the request is accepted without authentication. Additionally, searching web server logs for POST requests to /admin/UrlRedirection/Delete/ can help identify exploitation attempts. [1, 3]
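The log search described above, written out as a small script. This is an added example, not code from the BaseFortify page or from the ZKEACMS project; the log lines it scans are constructed for illustration, in the common Apache/Nginx combined format, and the /admin/UrlRedirection/Delete/{id} path and the POST method are taken from the description above. It flags every POST to that path, ignoring case as ASP.NET Core routing does, and triages each hit by the HTTP status the server returned: a 401/403 means the request was refused, while a 2xx/3xx means the deletion was most likely carried out.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample lines in combined log format; this is not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [04/Oct/2025:10:01:02 +0000] "GET /blog/old-post HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [04/Oct/2025:10:01:05 +0000] "POST /admin/UrlRedirection/Delete/1 HTTP/1.1" 200 12 "-" "curl/8.0.1"
198.51.100.4 - admin [04/Oct/2025:10:02:11 +0000] "POST /admin/urlredirection/delete/7?x=1 HTTP/1.1" 302 0 "https://cms.example/admin" "Mozilla/5.0"
203.0.113.9 - - [04/Oct/2025:10:03:40 +0000] "POST /admin/UrlRedirection/Delete/2 HTTP/1.1" 403 0 "-" "python-requests/2.31"
203.0.113.9 - - [04/Oct/2025:10:03:41 +0000] "GET /admin/UrlRedirection/Delete/2 HTTP/1.1" 404 0 "-" "python-requests/2.31"
this line is not in combined format and is skipped
"""

# One combined-format access log line: client, ident, user, timestamp, request, status, size, referer, UA.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: [^"]*)?" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# The vulnerable route from the advisory. ASP.NET Core matches routes
# case-insensitively, so the pattern ignores case as well.
DELETE_RE = re.compile(r'^/admin/UrlRedirection/Delete/(?P<id>[^/]+)/?$', re.IGNORECASE)


@dataclass
class Hit:
    ts: str
    ip: str
    user: str
    rule_id: str
    status: int
    ua: str
    verdict: str


def classify(status: int) -> str:
    """Triage by response code: refused, probably executed, or something else."""
    if status in (401, 403):
        return "blocked"
    if status < 400:
        return "accepted"
    return "other"


def scan(log_text: str) -> list:
    """Return every POST to the Delete route found in the log text, in file order."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        path = m["target"].split("?", 1)[0]  # drop any query string before matching
        d = DELETE_RE.match(path)
        if not d:
            continue
        status = int(m["status"])
        hits.append(Hit(m["ts"], m["ip"], m["user"], d["id"], status, m["ua"], classify(status)))
    return hits


def summarize(hits) -> dict:
    """Count hits per verdict, e.g. {'accepted': 2, 'blocked': 1}."""
    return dict(Counter(h.verdict for h in hits))


if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for h in found:
        print(f"{h.ts} {h.ip:<14} user={h.user:<6} rule={h.rule_id:<3} status={h.status} {h.verdict:<9} ua={h.ua}")
    print(summarize(found))
```

The remote-user field is only filled in when the web server itself authenticates the request (for example HTTP basic auth); with the cookie-based login a CMS normally uses it stays "-", so the status code, the source address and the user agent are the practical triage signals. In the sample, the curl POST that returned 200 with no referer is the one worth investigating, while the 302 from a browser session coming from the admin UI looks like routine administration.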


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting access to the vulnerable endpoint by implementing network-level controls such as firewall rules or web application firewall (WAF) rules to block unauthorized POST requests to /admin/UrlRedirection/Delete/*. Since the vendor has not provided a patch or response, consider replacing the affected product with an alternative solution. Additionally, monitor logs for suspicious activity targeting this endpoint and apply strict access controls to the administration interface to prevent unauthorized access. [2]

