CVE-2025-63738
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-12

Assigner: MITRE

Description
An issue was discovered in file index.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers to gain sensitive information via phpinfo via the a parameter to the index.php.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2025-12-12
Generated
2026-06-16
AI Q&A
2025-12-09
EPSS Evaluated
2026-06-15
NVD
CVE-2025-63738
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
rockoa rockoa 2.7.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-98 The PHP application receives input from an upstream component, but it does not restrict or incorrectly restricts the input before its usage in "require," "include," or similar functions.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in Xinhu Rainrock RockOA 2.7.0 allows attackers to gain sensitive information by accessing the phpinfo output through the 'a' parameter in the index.php file.

Impact Analysis

An attacker exploiting this vulnerability can obtain sensitive information about the server environment, which could be used to facilitate further attacks or compromise the system.

Compliance Impact

The vulnerability allows attackers with valid session cookies to access detailed server configuration information, including environment variables and potentially database connection information. This exposure of sensitive information could lead to unauthorized access or data breaches, which may impact compliance with standards like GDPR and HIPAA that require protection of sensitive data and secure system configurations. However, the provided resources do not explicitly discuss compliance implications. [1]

Detection Guidance

You can detect this vulnerability by attempting to access the URL endpoint that triggers the phpinfo output, specifically by sending a request to `index.php` with parameters `?a=phpinfo&m=index`. For example, use a command like `curl -i http://target/index.php?a=phpinfo&m=index` to see if the server returns detailed PHP configuration information. If the response includes PHP version, server details, and configuration parameters, the vulnerability is present. Note that exploitation requires valid session cookies and access, so detection may require authenticated requests. [1]

Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable phpinfoAction() method by implementing proper access control and permission checks in the index.php file. Ensure that the `phpinfo()` function cannot be invoked by unauthorized users. Additionally, review and limit session cookie access to prevent unauthorized exploitation. If possible, update or patch Xinhu Rainrock RockOA to a version where this vulnerability is fixed. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-63738. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart