CVE-2025-14197
BaseFortify
Publication date: 2025-12-07
Last updated on: 2025-12-07
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| beijing_weili_digital_technology_co.,_ltd | verysync | * |
| beijing_weili_digital_technology_co.,_ltd | verysync | 2.21.3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Verysync 微力同步 up to version 2.21.3, specifically in an unknown function within the file /rest/f/api/resources/f96956469e7be39d of the Web Administration Module. It allows an attacker to remotely manipulate the system, leading to information disclosure.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized information disclosure, meaning sensitive data could be exposed to attackers without authorization. Since the attack can be executed remotely and the exploit is publicly disclosed, it increases the risk of data breaches.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing proper authentication mechanisms on the Web Administration interface, such as adding a 'Set Web Management Password' feature enforcing strong passwords (minimum 12 characters with uppercase, lowercase, numbers, and special symbols). Additionally, disable remote access by restricting access to local connections only or configuring an IP whitelist to prevent unauthorized remote access. Revoke unnecessary access rights from other accounts and enable detailed logging and auditing of access and file read operations to detect abnormal activities promptly. If possible, consider replacing the affected product as no official patch or vendor response is available. [2, 4, 5]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability leads to unauthorized disclosure of sensitive information such as device IDs, system configurations, system files, and device identification data due to lack of proper authentication in the Web Administration Module. This exposure of sensitive data can result in non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access. Failure to secure such data may lead to regulatory penalties and increased risk of data breaches. Immediate corrective actions such as implementing strong authentication, restricting remote access, and auditing access logs are recommended to mitigate these compliance risks. [1, 2, 4, 5]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending crafted HTTP GET requests to the vulnerable endpoint `/rest/f/api/resources/f96956469e7be39d` on the affected system, notably on port 8886, without authentication. For example, you can use curl commands like `curl http://<target-ip>:8886/rest/f/api/resources/f96956469e7be39d` or to test file read, `curl http://<target-ip>:8886/rest/f/api/resources/f96956469e7be39d/etc/passwd`. Successful responses containing sensitive information indicate the presence of the vulnerability. Additionally, monitoring access logs for unauthorized GET requests to this endpoint can help detect exploitation attempts. [2, 4]