CVE-2025-12288
BaseFortify
Publication date: 2025-10-27
Last updated on: 2026-04-29
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| bdtask | pharmacare | up to 9.4 (inclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-285 | The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-639 | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-12288 is an authorization bypass vulnerability in Bdtask Pharmacy Management System up to version 9.4, specifically in the User Profile Handler component at the /user/edit_user/ endpoint. The system uses predictable user IDs in the URL but lacks proper authorization checks to verify if the authenticated user has permission to access or edit the requested user profile. This allows an attacker to manipulate the user ID parameter to access or modify other users' profiles without authorization, resulting in a breach of confidentiality. The vulnerability is classified as an Insecure Direct Object Reference (IDOR) and can be exploited remotely without local access. [1, 2]
How can this vulnerability impact me?
This vulnerability can lead to unauthorized access to other users' profile data within the Bdtask Pharmacy Management System. An attacker who is authenticated can manipulate the user ID parameter to view or modify other users' profiles, potentially exposing sensitive personal or medical information. This breach of confidentiality can undermine trust, lead to data leaks, and cause harm to affected individuals. Since the exploit is publicly available and the vendor has not provided mitigation, the risk of exploitation is significant. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring requests to the `/user/edit_user/` endpoint of the Bdtask Pharmacy Management System and checking for unauthorized access attempts in which the user ID parameter is manipulated. Because the vulnerability involves altering the user ID in the URL to access or edit other users' profiles, you can detect it by inspecting HTTP requests for unusual or sequential changes of the user ID. For example, using network monitoring tools or web server logs, look for requests with different user ID parameters coming from the same authenticated user. Specific commands depend on your environment, but a simple way to test access is with curl or wget, e.g. `curl -i -X GET 'http://<target>/user/edit_user/?id=2'`, then change the `id` parameter to other values and check whether unauthorized access is possible. Additionally, web application firewalls (WAF) or intrusion detection systems (IDS) can be configured to alert on such parameter tampering. [1, 2]
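The log check described above (one authenticated user requesting several distinct user IDs at `/user/edit_user/`, especially consecutive ones), as an added example that is not part of the BaseFortify page or the Bdtask product. It assumes the web server's access log records the authenticated user in the remote-user field and that the user ID travels in the `id` query parameter; the log lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (common log format whose third field is the
# authenticated user); not taken from the original page. Assumption: the user-ID
# parameter of /user/edit_user/ is named "id", as in the curl example above.
SAMPLE_LOG = """\
10.0.0.5 - alice [27/Oct/2025:10:00:01 +0000] "GET /user/edit_user/?id=7 HTTP/1.1" 200 5120
10.0.0.5 - alice [27/Oct/2025:10:00:09 +0000] "GET /user/edit_user/?id=8 HTTP/1.1" 200 5117
10.0.0.5 - alice [27/Oct/2025:10:00:12 +0000] "GET /user/edit_user/?id=9 HTTP/1.1" 200 5099
10.0.0.5 - alice [27/Oct/2025:10:00:15 +0000] "GET /user/edit_user/?id=10 HTTP/1.1" 200 5130
10.0.0.9 - bob [27/Oct/2025:10:01:00 +0000] "GET /user/edit_user/?id=3 HTTP/1.1" 200 5100
10.0.0.9 - bob [27/Oct/2025:10:02:00 +0000] "GET /dashboard HTTP/1.1" 200 2048
10.0.0.9 - bob [27/Oct/2025:10:03:00 +0000] "POST /user/edit_user/?id=3 HTTP/1.1" 302 0
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def parse_line(line):
    """Return (user, method, path, id, status), or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    ids = parse_qs(parts.query).get("id", [])
    return (m.group("user"), m.group("method"), parts.path,
            ids[0] if ids else None, int(m.group("status")))

def find_idor_suspects(log_text, endpoint="/user/edit_user/", max_ids=1):
    """Group non-error (status < 400) requests to the endpoint by authenticated user;
    return {user: sorted distinct ids} for users that touched more than max_ids ids."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        user, _method, path, uid, status = rec
        if path == endpoint and uid is not None and status < 400:
            seen[user].add(uid)
    return {u: sorted(ids, key=int) for u, ids in seen.items() if len(ids) > max_ids}

def looks_sequential(ids):
    """True when the ids form a run of consecutive integers (an enumeration pattern)."""
    nums = sorted(int(i) for i in ids)
    return len(nums) >= 3 and all(b - a == 1 for a, b in zip(nums, nums[1:]))
```

Tune `max_ids` to the number of profiles a legitimate user (e.g. an administrator) normally edits; the sequential check is the stronger signal for enumeration.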
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the /user/edit_user/ endpoint to only authorized users and implementing proper server-side authorization checks to verify that the authenticated user has permission to view or edit the requested user profile. Since no official patch or vendor response is available, consider applying access control rules at the web server or network level to limit exposure. Monitoring and logging access to this endpoint for suspicious activity is also recommended. Ultimately, replacing or upgrading the affected product to a version without this vulnerability is advised. [1, 2]