ghsa-cpvv-mcg6-x5f6
Vulnerability from github
Published
2025-10-31 00:30
Modified
2025-10-31 00:30
Severity ?
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Details

Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery (SSRF) vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can be used to instruct the server to connect to internal unix socket RPC endpoints and perform privileged XML-RPC methods. An attacker able to send such requests can invoke administrative RPC methods via the unix socket interface to create arbitrary user accounts on the system, resulting in account creation and potential takeover of the bastion host. VulnCheck has observed this vulnerability being exploited in the wild as of 2025-10-30 at 00:30:17.837319 UTC.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2023-7325"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-306"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-30T22:15:44Z",
    "severity": "CRITICAL"
  },
  "details": "Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery (SSRF) vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can be used to instruct the server to connect to internal unix socket RPC endpoints\u00a0and perform privileged XML-RPC methods. An attacker able to send such requests can invoke administrative RPC methods via the unix socket interface to create arbitrary user accounts on the system, resulting in account creation and potential takeover of the bastion host.\u00a0VulnCheck has observed this vulnerability being exploited in the wild as of 2025-10-30 at 00:30:17.837319 UTC.",
  "id": "GHSA-cpvv-mcg6-x5f6",
  "modified": "2025-10-31T00:30:33Z",
  "published": "2025-10-31T00:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-7325"
    },
    {
      "type": "WEB",
      "url": "https://cn-sec.com/archives/1947658.html"
    },
    {
      "type": "WEB",
      "url": "https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/iot/%E5%AE%89%E6%81%92/%E5%AE%89%E6%81%92%20%E6%98%8E%E5%BE%A1%E8%BF%90%E7%BB%B4%E5%AE%A1%E8%AE%A1%E4%B8%8E%E9%A3%8E%E9%99%A9%E6%8E%A7%E5%88%B6%E7%B3%BB%E7%BB%9F%20xmlrpc.sock%20%E4%BB%BB%E6%84%8F%E7%94%A8%E6%88%B7%E6%B7%BB%E5%8A%A0%E6%BC%8F%E6%B4%9E.md"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/mingyu-operations-and-maintenance-audit-and-risk-control-system-xmirpc-sock-ssrf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.