Skip to main content

CVE-2025-3978: Information Disclosure in dazhouda lecms

Medium
VulnerabilityCVE-2025-3978cvecve-2025-3978
Published: Sun Apr 27 2025 (04/27/2025, 17:00:06 UTC)
Source: CVE
Vendor/Project: dazhouda
Product: lecms

Description

A vulnerability was found in dazhouda lecms 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/view/default/user_set.htm. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

AILast updated: 06/24/2025, 18:05:15 UTC

Technical Analysis

CVE-2025-3978 is an information disclosure vulnerability identified in version 3.0.3 of the dazhouda lecms product. The vulnerability resides in an unspecified functionality within the file admin/view/default/user_set.htm. The flaw allows an attacker to remotely manipulate the system, leading to unauthorized disclosure of information. According to the CVSS 4.0 vector, the attack can be executed remotely (AV:N) with low attack complexity (AC:L), does not require authentication (PR:L indicates low privileges but no authentication needed), and does not require user interaction (UI:N). The impact on confidentiality is low (VC:L), and there is no impact on integrity or availability. The vulnerability has been publicly disclosed, though no known exploits are currently observed in the wild. The lack of a patch link suggests that a fix may not yet be available or publicly released. The vulnerability is rated as medium severity with a CVSS score of 5.3, reflecting moderate risk primarily due to the potential for information leakage without requiring user interaction or elevated privileges. The affected component, lecms, is a content management system (CMS) likely used for managing web content and user settings, which means the disclosed information could include sensitive configuration or user data, potentially aiding further attacks or reconnaissance.

Potential Impact

For European organizations utilizing dazhouda lecms 3.0.3, this vulnerability poses a risk of unauthorized information disclosure that could compromise sensitive internal data, user credentials, or configuration details. While the confidentiality impact is rated low, the information leaked could facilitate subsequent targeted attacks such as privilege escalation, phishing, or lateral movement within networks. Organizations in sectors with strict data protection regulations, such as finance, healthcare, or government, may face compliance risks if sensitive personal or operational data is exposed. The remote exploitability and lack of required user interaction increase the risk of automated scanning and exploitation attempts. Although no active exploits are currently reported, the public disclosure of the vulnerability details may lead to rapid development of exploit tools. This could result in increased attack activity targeting European entities using this CMS, especially those with internet-facing administrative interfaces. The limited impact on integrity and availability reduces the risk of service disruption but does not diminish the importance of addressing the vulnerability promptly to prevent information leakage and potential follow-on attacks.

Mitigation Recommendations

1. Immediate action should include restricting access to the admin/view/default/user_set.htm page to trusted IP addresses or VPN users only, minimizing exposure to remote attackers. 2. Implement web application firewall (WAF) rules to detect and block suspicious requests targeting this specific URL or parameters associated with user_set.htm. 3. Monitor web server and application logs for unusual access patterns or repeated requests to the vulnerable endpoint to detect potential exploitation attempts early. 4. If possible, disable or restrict the vulnerable functionality within the CMS until a vendor patch is available. 5. Engage with the vendor or community to obtain or request a security patch and apply it promptly once released. 6. Conduct a thorough audit of the CMS installation to identify any signs of compromise or data leakage. 7. Educate administrators on the risks of exposing administrative interfaces publicly and enforce strong authentication and network segmentation to reduce attack surface. 8. Consider deploying intrusion detection/prevention systems (IDS/IPS) tuned to detect exploitation attempts targeting this vulnerability. These measures, combined, will reduce the risk of exploitation and limit potential damage until a permanent fix is applied.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-04-26T07:48:33.599Z
Cisa Enriched
true
Cvss Version
4.0
State
PUBLISHED

Threat ID: 682d983ec4522896dcbef9be

Added to database: 5/21/2025, 9:09:18 AM

Last enriched: 6/24/2025, 6:05:15 PM

Last updated: 8/11/2025, 4:28:02 AM

Views: 9

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats