CVE-2025-25968

DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive information, such as system administrator credentials, by force browsing the endpoint and exploiting the 'file' parameter. By referencing specific files (e.g., cm3.xml), attackers can bypass access controls, leading to account takeover and potential privilege escalation.

CVSS v3 6.0 MEDIUM

6.0^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://ddsn.com	Product
https://github.com/padayali-JD/CVE-2025-25968	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ddsn:cm3_acora_content_management_system:10.1.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-02-20 18:15

Updated : 2025-09-30 20:05

NVD link : CVE-2025-25968

Mitre link : CVE-2025-25968

CVE.ORG link : CVE-2025-25968

JSON object : View

Products Affected

ddsn

cm3_acora_content_management_system

CWE

CWE-284

Improper Access Control

{"id": "CVE-2025-25968", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.0, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 4.7, "exploitabilityScore": 1.2}]}, "published": "2025-02-20T18:15:26.570", "references": [{"url": "http://ddsn.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://github.com/padayali-JD/CVE-2025-25968", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "DDSN Interactive cm3 Acora CMS version 10.1.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive information, such as system administrator credentials, by force browsing the endpoint and exploiting the 'file' parameter. By referencing specific files (e.g., cm3.xml), attackers can bypass access controls, leading to account takeover and potential privilege escalation."}, {"lang": "es", "value": "La versi\u00f3n 10.1.1 de cm3 Acora CMS de DDSN Interactive contiene una vulnerabilidad de control de acceso indebido. Un usuario con privilegios de editor puede acceder a informaci\u00f3n confidencial, como las credenciales del administrador del sistema, al forzar la navegaci\u00f3n en el endpoint y explotar el par\u00e1metro 'file'. Al hacer referencia a archivos espec\u00edficos (por ejemplo, cm3.xml), los atacantes pueden eludir los controles de acceso, lo que lleva a la apropiaci\u00f3n de cuentas y a una posible escalada de privilegios."}], "lastModified": "2025-09-30T20:05:42.070", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ddsn:cm3_acora_content_management_system:10.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2969D732-CC4D-4DB0-ADEF-71F520662B4F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}