CVE-2025-6329: Authorization Bypass in ScriptAndTools Real Estate Management System

Severity: Medium
Type: Vulnerability | Tags: cve, cve-2025-6329
Published: Fri Jun 20 2025 (06/20/2025, 09:31:07 UTC)
Source: CVE Database V5
Vendor/Project: ScriptAndTools
Product: Real Estate Management System

Description

A vulnerability was found in ScriptAndTools Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file userdelete.php of the component User Delete Handler. The manipulation of the argument ID leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 06/20/2025, 14:16:55 UTC

Technical Analysis

CVE-2025-6329 is an authorization bypass vulnerability in version 1.0 of the ScriptAndTools Real Estate Management System, specifically in the User Delete Handler component that processes requests through the userdelete.php file. The vulnerability arises from improper validation or insufficient authorization checks on the 'ID' parameter, which a remote attacker can manipulate to bypass authorization controls. This allows a low-privileged attacker to perform unauthorized user deletion actions without proper authentication or user interaction. The vulnerability has been publicly disclosed, although no exploitation in the wild has been observed so far. The CVSS 4.0 base score is 5.3 (medium severity), reflecting a network attack vector, low attack complexity, no privileges required, no user interaction, and limited impact on confidentiality, integrity, and availability. The vulnerability primarily affects the integrity and availability of user accounts: unauthorized deletion of accounts could disrupt operations or deny service to legitimate users. Because the affected product is a real estate management system, the impact could extend to business continuity and data integrity in real estate organizations running this version.

Potential Impact

For European organizations using ScriptAndTools Real Estate Management System 1.0, this vulnerability poses a risk of unauthorized user account deletions, which can disrupt internal workflows, deny service to legitimate users, and potentially cause loss of critical user data. Because real estate management systems often hold sensitive client information, property listings, and transaction records, exploitation could indirectly affect data integrity and operational availability. The medium CVSS score indicates moderate risk; however, the ability to bypass authorization remotely without user interaction or elevated privileges widens the exposure. Organizations relying on this system may face operational disruption, reputational damage, and compliance risk, especially under stringent European data protection regulations such as GDPR if client data is affected. The absence of known exploits in the wild reduces the immediate risk but does not eliminate it, since exploit code has been publicly disclosed.

Mitigation Recommendations

1. Immediate mitigation should focus on restricting access to the userdelete.php endpoint via network-level controls such as IP whitelisting or VPN access to limit exposure.
2. Implement strict input validation and authorization checks on the 'ID' parameter to ensure only authorized users can perform deletion actions.
3. Monitor logs for unusual deletion requests or patterns indicating exploitation attempts.
4. If possible, upgrade to a patched or newer version of the ScriptAndTools Real Estate Management System once available.
5. In the absence of an official patch, consider deploying Web Application Firewall (WAF) rules to detect and block suspicious requests targeting userdelete.php with manipulated parameters.
6. Conduct an internal audit of user accounts and permissions to identify any unauthorized deletions or anomalies.
7. Educate system administrators and users about the vulnerability and encourage prompt reporting of irregular system behavior.
8. Regularly back up user data and system configurations to enable recovery in case of successful exploitation.
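The check that the Technical Analysis says is missing, and that mitigation item 2 asks for, is an authorization decision about the caller, not just a check that the ID is well-formed. The handler below is an added example written for this page, not code from ScriptAndTools or a patch for the product. It assumes a PDO connection, a `users` table with `id` and `role` columns, and a PHP session carrying `user_id`, `role` and `csrf_token`; the table, column, session and parameter names and the connection settings are hypothetical.

```php
<?php
declare(strict_types=1);
// Added example for this page, not ScriptAndTools code: a hardened user-delete
// handler of the kind the advisory's userdelete.php would need. Hypothetical
// assumptions: a PDO connection, a `users` table (columns `id`, `role`) and a
// session that carries `user_id`, `role` and `csrf_token` for the logged-in user.

// The defect the advisory describes, reconstructed as an assumption (the
// product's source is not on the page): the handler deletes whichever row the
// ID argument names and never asks whether the caller may delete that user.
//
//   $stmt = $pdo->prepare('DELETE FROM users WHERE id = ?');
//   $stmt->execute([$_GET['ID']]);

session_start();

// Placeholder connection settings; load real values from configuration.
$pdo = new PDO('mysql:host=localhost;dbname=realestate', 'app_user', 'CHANGE_ME', [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);

/** Refuse the request with a status code and log the decision for monitoring. */
function deny(int $status, string $reason, int $actorId, ?int $targetId): void
{
    error_log(sprintf('userdelete denied (%d): %s actor=%d target=%s ip=%s',
        $status, $reason, $actorId, $targetId ?? '-', $_SERVER['REMOTE_ADDR'] ?? '-'));
    http_response_code($status);
    header('Content-Type: text/plain; charset=utf-8');
    echo $reason;
    exit;
}

$actorId = (int) ($_SESSION['user_id'] ?? 0);

// 1. Deletion is a state change: accept it only over POST, never from a GET link.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    deny(405, 'Method not allowed', $actorId, null);
}

// 2. Authentication: no logged-in session, no deletion.
if ($actorId <= 0) {
    deny(401, 'Login required', $actorId, null);
}

// 3. CSRF: the token must match the one issued to this session (constant-time compare).
$token = $_POST['csrf_token'] ?? '';
if (!is_string($token) || empty($_SESSION['csrf_token'])
    || !hash_equals((string) $_SESSION['csrf_token'], $token)) {
    deny(403, 'Invalid CSRF token', $actorId, null);
}

// 4. Input validation: ID must be a positive integer; anything else is rejected unseen.
$targetId = filter_input(INPUT_POST, 'ID', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($targetId === false || $targetId === null) {
    deny(400, 'Invalid ID', $actorId, null);
}

// 5. Authorization: the role is re-read from the database rather than trusted from
//    the session alone, so a demoted administrator loses the right immediately.
$roleStmt = $pdo->prepare('SELECT role FROM users WHERE id = :id');
$roleStmt->execute([':id' => $actorId]);
$isAdmin = ($roleStmt->fetchColumn() === 'admin');

// Only administrators may delete other accounts; everyone else may delete only themselves.
if (!$isAdmin && $targetId !== $actorId) {
    deny(403, 'Forbidden', $actorId, $targetId);
}

// 6. Defence in depth: the SQL itself is scoped by the decision above, so a logic
//    slip earlier cannot turn a non-admin's request into an arbitrary delete.
if ($isAdmin) {
    // Administrators may not delete their own account through this endpoint.
    $del = $pdo->prepare('DELETE FROM users WHERE id = :target AND id <> :actor');
} else {
    $del = $pdo->prepare('DELETE FROM users WHERE id = :target AND id = :actor');
}
$del->execute([':target' => $targetId, ':actor' => $actorId]);

error_log(sprintf('userdelete ok: actor=%d target=%d rows=%d ip=%s',
    $actorId, $targetId, $del->rowCount(), $_SERVER['REMOTE_ADDR'] ?? '-'));
http_response_code($del->rowCount() === 1 ? 200 : 404);
header('Content-Type: text/plain; charset=utf-8');
echo $del->rowCount() === 1 ? 'User deleted' : 'No such user';
```

Steps 1 to 4 are hygiene; step 5 is the control whose absence the advisory describes, and it is the one that decides whether a valid-looking ID belonging to someone else is honoured. Every refusal and every successful delete is written to the error log with actor, target and source address, which gives the log monitoring in item 3 something concrete to alert on, such as a single actor accumulating many 403s against distinct target IDs.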

Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-06-19T10:10:43.329Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 685569cf7ff74dad36a660ed

Added to database: 6/20/2025, 2:01:51 PM

Last enriched: 6/20/2025, 2:16:55 PM

Last updated: 8/19/2025, 6:25:34 AM