CVE-2025-9401 | HuangDou UTCMS 9 Login login.php code comparison

Inserito da Angelo Barbosa | Ago 24, 2025 | CVE

A vulnerability was found in HuangDou UTCMS 9. It has been declared as problematic. This vulnerability affects unknown code of the file app/modules/ut-frame/admin/login.php of the component Login. Such manipulation of the argument code leads to incorrect comparison.

This vulnerability is documented as CVE-2025-9401. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-9401 | HuangDou UTCMS 9 Login login.php code comparison

Post correlati

CVE-2024-52895 | IBM i 7.4/7.5 unusual condition

CVE-2024-7463 | TOTOLINK CP900 6.3c.566 /cgi-bin/cstecgi.cgi UploadCustomModule File buffer overflow

CVE-2024-51993 | Combodo iTop up to 3.1.x cleartext storage (GHSA-9mq5-349x-x427)

CVE-2024-27984 | Ivanti Avalanche up to 6.4.2 Web denial of service