CVE-2025-4118: Improper Access Controls in Weitong Mall
A vulnerability classified as critical has been found in Weitong Mall 1.0.0. This affects an unknown part of the file /historyList of the component Product History Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
AI Analysis
Technical Summary
CVE-2025-4118 affects Weitong Mall version 1.0.0, specifically the /historyList endpoint of the Product History Handler component. The issue is improper access control tied to the 'isDelete' argument: setting it to the value '1' allows an attacker to bypass intended access restrictions. The vulnerability can be exploited remotely, without authentication or user interaction, so it is reachable by unauthenticated attackers over the network.
The description classifies the vulnerability as critical, but it carries a CVSS 4.0 base score of 6.9, which corresponds to a medium severity rating. The CVSS vector indicates a network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N) and no user interaction (UI:N), which increases exploitability. The impact on the system's core security properties is limited: VC:L indicates low impact on confidentiality, with no impact on integrity or availability.
No patches or known exploits in the wild had been reported at the time of publication. The vulnerability disclosure date is April 30, 2025. The lack of patches suggests that affected organizations must implement alternative mitigations until an official fix is released.
The root cause, improper access control, is a common security weakness that can lead to unauthorized access or actions within an application. Because Weitong Mall is an e-commerce platform, exploitation could allow attackers to manipulate product history data or access restricted information, potentially leading to data leakage or unauthorized data modification, although the CVSS vector suggests limited impact on integrity and availability.
Potential Impact
For European organizations using Weitong Mall 1.0.0, this vulnerability poses a risk of unauthorized access to product history data or related functionalities. While the CVSS score indicates medium severity with limited direct impact on confidentiality, integrity, or availability, the improper access control could still lead to unauthorized data exposure or manipulation within the e-commerce platform. This could undermine customer trust, lead to regulatory compliance issues (especially under GDPR if personal data is involved), and potentially disrupt business operations if attackers leverage the vulnerability to interfere with product history records. The remote and unauthenticated nature of the exploit increases the risk of automated attacks or exploitation by opportunistic threat actors. European e-commerce businesses relying on Weitong Mall may face reputational damage and financial losses if attackers exploit this vulnerability to alter product histories, which could affect inventory management, customer orders, or audit trails. Additionally, if attackers use this vulnerability as a foothold, it could be a stepping stone for further attacks within the network. However, the absence of known exploits in the wild and the medium severity rating suggest that immediate widespread impact may be limited but should not be underestimated.
Mitigation Recommendations
1. Immediate mitigation should include implementing strict access control checks on the /historyList endpoint, especially validating and sanitizing the 'isDelete' parameter to prevent unauthorized manipulation.
2. Employ Web Application Firewalls (WAFs) with custom rules to detect and block suspicious requests attempting to manipulate the 'isDelete' argument or access the /historyList resource in unauthorized ways.
3. Monitor application logs for unusual access patterns or repeated attempts to exploit the vulnerability remotely, focusing on requests targeting the Product History Handler.
4. Restrict network access to the Weitong Mall application, limiting exposure to trusted IP ranges or VPN-only access where feasible.
5. Engage with the vendor (Weitong) to obtain patches or security updates as soon as they become available and prioritize timely application of these patches.
6. Conduct a thorough security review of all access control mechanisms within the application to identify and remediate similar weaknesses.
7. Educate development and security teams about secure coding practices related to access control and input validation to prevent recurrence.
8. If possible, implement multi-factor authentication and session management improvements to reduce the risk of unauthorized access through other vectors.
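One way to carry out the log-monitoring recommendation (item 3), as an added example that is not part of the original advisory or of Weitong Mall's code: it scans web access logs for /historyList requests carrying isDelete=1 and summarizes them per source IP. The combined log format, the sample lines, the /api path prefix and the case-insensitive match on the parameter name are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines (combined log format); not from a real system.
SAMPLE_LOG = """\
203.0.113.7 - - [30/Apr/2025:10:01:02 +0000] "GET /historyList?page=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [30/Apr/2025:10:01:05 +0000] "GET /historyList?isDelete=1 HTTP/1.1" 200 2048 "-" "curl/8.5.0"
198.51.100.4 - - [30/Apr/2025:10:02:11 +0000] "GET /api/historyList?page=2&isDelete=%31 HTTP/1.1" 200 2048 "-" "python-requests/2.31"
198.51.100.4 - - [30/Apr/2025:10:02:15 +0000] "GET /historyList?isdelete=1 HTTP/1.1" 403 0 "-" "python-requests/2.31"
192.0.2.50 - - [30/Apr/2025:10:03:00 +0000] "GET /productList?isDelete=1 HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_isdelete_requests(log_text):
    """Return access-log entries that hit /historyList with isDelete=1."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        url = urlsplit(m["target"])
        # Match the endpoint under any context path (assumption: deployments vary).
        if not url.path.rstrip("/").lower().endswith("/historylist"):
            continue
        # parse_qs percent-decodes values, so isDelete=%31 is seen as "1".
        values = [v.strip() for k, vs in parse_qs(url.query).items()
                  if k.lower() == "isdelete" for v in vs]
        if "1" in values:
            hits.append({"ip": m["ip"], "time": m["ts"],
                         "status": int(m["status"]), "target": m["target"]})
    return hits

def summarize(hits):
    """Per source IP: number of matching requests and how many got a 2xx."""
    summary = defaultdict(lambda: {"attempts": 0, "succeeded": 0})
    for h in hits:
        summary[h["ip"]]["attempts"] += 1
        summary[h["ip"]]["succeeded"] += 200 <= h["status"] < 300
    return dict(summary)

if __name__ == "__main__":
    for ip, stats in summarize(find_isdelete_requests(SAMPLE_LOG)).items():
        print(ip, stats)
```

Access logs normally record only the query string, so an isDelete value sent in a request body needs application-level or WAF logging to be visible to this check.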
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-04-30T05:11:56.580Z
- Cisa Enriched: true
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 682d983bc4522896dcbee265
Added to database: 5/21/2025, 9:09:15 AM
Last enriched: 6/25/2025, 6:19:22 AM
Last updated: 8/12/2025, 4:04:49 PM
Related Threats
- CVE-2025-3495: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Delta Electronics COMMGR (Critical)
- CVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server (High)
- CVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
- CVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
- CVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server (Medium)