CVE-2025-2114 | Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7 Reset Password Interface OperatorStop.asp OperId improper authorization

A vulnerability, which was classified as problematic, has been found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7. This issue affects some unknown processing of the file /WebPages/Adm/OperatorStop.asp of the component Reset Password Interface. The manipulation of the argument OperId leads to improper authorization.

The identification of this vulnerability is CVE-2025-2114. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-2114 | Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7 Reset Password Interface OperatorStop.asp OperId improper authorization

Post correlati

CVE-2025-24571 | Epsiloncool WP Fast Total Search Plugin up to 1.78.258 on WordPress authorization

CVE-2022-49297 | Linux Kernel up to 5.18.3 hung_task_timeout_secs nbd_xmit_timeout denial of service

CVE-2024-29906 | realmag777 WordPress Meta Data and Taxonomies Filter Plugin up to 1.3.2 on WordPress cross site scripting

CVE-2024-42179 | HCL DRYiCE MyXalytics 6.3 HTTP Response Header information disclosure (KB0118149)