CVE-2025-4136

Published Apr 30, 2025

Last updated a month ago

CVSS medium 5.3

Overview

Description: A vulnerability was found in Weitong Mall 1.0.0. It has been classified as critical. This affects an unknown part of the component Sale Endpoint. The manipulation of the argument ID leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Source: cna@vuldb.com
NVD status: Awaiting Analysis

Risk scores

CVSS 4.0

Type: Secondary
Base score: 5.3
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: MEDIUM

CVSS 3.1

Type: Primary
Base score: 5.4
Impact score: 2.5
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Severity: MEDIUM

CVSS 2.0

Type: Secondary
Base score: 5.5
Impact score: 4.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:P/A:P

Weaknesses

cna@vuldb.com: CWE-266

Hype score: Not currently trending

CVE-2025-4136 A vulnerability was found in Weitong Mall 1.0.0. It has been classified as critical. This affects an unknown part of the component Sale Endpoint. The manipulation of th… https://t.co/xMOMlHjaeX
@CVEnew
30 Apr 2025
242 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References

Sources include official advisories and independent security research.