
CVE-2025-6864: Cross-Site Request Forgery in SeaCMS

Medium
Published: Sun Jun 29 2025 (06/29/2025, 16:00:09 UTC)
Source: CVE Database V5
Product: SeaCMS

Description

A vulnerability, which was classified as problematic, has been found in SeaCMS up to 13.2. Affected by this issue is some unknown functionality of the file /admin_type.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

AI last updated: 06/29/2025, 16:24:32 UTC

Technical Analysis

CVE-2025-6864 is a cross-site request forgery (CSRF) vulnerability in SeaCMS versions up to 13.2, affecting an unspecified function of the /admin_type.php file. A CSRF flaw lets an attacker cause a user who is already authenticated to the application to submit a forged HTTP request, so that the application performs an action the user did not intend. Here the attacker needs no credentials or privileges of their own and can act remotely, but the attack depends on user interaction: an authenticated administrator must be induced to click a malicious link or visit a crafted page. The CVSS 4.0 base score is 5.3 (medium): the attack vector is network, attack complexity is low, and no privileges are required. The impact is to integrity, since state-changing administrative actions may be executed on the user's behalf; confidentiality and availability are not directly affected. No exploitation in the wild has been observed, and no patch or mitigation is linked in the provided data. The disclosure is recent (June 29, 2025) and public exploit code is available, which raises the near-term risk of exploitation. Because the affected code is an administrative script of a content management system, successful exploitation could lead to unauthorized administrative actions that alter the site's content or configuration.

Potential Impact

For European organizations using SeaCMS, this vulnerability poses a moderate risk. If exploited, attackers could perform unauthorized administrative actions by leveraging CSRF attacks, potentially leading to website defacement, unauthorized content changes, or configuration manipulation. This could damage organizational reputation, disrupt business operations, and expose sensitive data indirectly through altered content or misconfigurations. Since the vulnerability requires user interaction but no authentication, attackers could target employees or administrators through phishing or social engineering campaigns. Organizations with public-facing websites running vulnerable SeaCMS versions are at risk of targeted or opportunistic attacks. The impact is particularly relevant for sectors relying heavily on web presence and content integrity, such as media, e-commerce, education, and government institutions across Europe. While the vulnerability does not directly compromise confidentiality or availability, the integrity impact and potential for subsequent attacks (e.g., injecting malicious scripts) could escalate the threat.

Mitigation Recommendations

European organizations should prioritize the following mitigations:

1) Upgrade SeaCMS to a version beyond 13.2 once an official patch is released; monitor vendor advisories closely.
2) Implement anti-CSRF tokens in all forms and state-changing requests within the CMS to ensure requests originate from legitimate users.
3) Employ Content Security Policy (CSP) headers to reduce the risk of malicious script execution resulting from CSRF-induced changes.
4) Educate administrators and users about phishing and social engineering risks to reduce the likelihood of user interaction with malicious content.
5) Restrict administrative access by IP whitelisting or VPN usage to limit exposure.
6) Monitor web server logs for unusual POST requests to /admin_type.php or other admin endpoints indicative of CSRF attempts.
7) Use web application firewalls (WAFs) configured to detect and block CSRF attack patterns.

These steps go beyond generic advice by focusing on both immediate risk reduction and long-term secure development practices.
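The log-monitoring step above (item 6) and the CSRF mechanism described in the technical analysis can be turned into a concrete triage check. The following is an added example, not code from the advisory or from the SeaCMS project: it parses combined-format access log lines (the sample lines, the hostname cms.example.org and the 203.0.113.x addresses are constructed) and flags POST requests to /admin_type.php whose Referer is absent or points at a different origin, which is the shape a CSRF-driven request typically has in server logs.

```python
import re
from urllib.parse import urlsplit

# Assumption: the hostname under which the CMS admin interface is served.
SITE_HOST = "cms.example.org"

# Constructed sample lines in Apache/Nginx "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [29/Jun/2025:16:01:02 +0000] "POST /admin_type.php HTTP/1.1" 302 0 "https://cms.example.org/admin_type.php" "Mozilla/5.0"
203.0.113.5 - - [29/Jun/2025:16:03:11 +0000] "POST /admin_type.php HTTP/1.1" 302 0 "https://attacker.example.net/lure.html" "Mozilla/5.0"
203.0.113.5 - - [29/Jun/2025:16:04:20 +0000] "POST /admin_type.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [29/Jun/2025:16:05:00 +0000] "GET /admin_type.php HTTP/1.1" 200 4512 "https://cms.example.org/admin.php" "Mozilla/5.0"
"""

# Combined log format: ip ident user [ts] "METHOD path proto" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Endpoints whose state-changing requests should always carry a same-origin Referer.
ADMIN_PATHS = ("/admin_type.php",)

def check_request(method, path, referer, site_host=SITE_HOST):
    """Return a reason string if the request looks like a possible CSRF-driven admin
    action, or None if it is uninteresting (GET, non-admin path, same-origin Referer)."""
    if method != "POST" or urlsplit(path).path not in ADMIN_PATHS:
        return None
    if referer in ("", "-"):
        # A missing Referer is a weak signal on its own: Referrer-Policy can strip it.
        return "missing Referer"
    ref_host = urlsplit(referer).hostname
    if ref_host != site_host:
        return f"cross-origin Referer ({ref_host})"
    return None

def find_suspicious(log_text, site_host=SITE_HOST):
    """Parse log lines and return (ip, timestamp, reason) for each flagged request."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not in combined format
        reason = check_request(m["method"], m["path"], m["referer"], site_host)
        if reason:
            hits.append((m["ip"], m["ts"], reason))
    return hits

if __name__ == "__main__":
    for ip, ts, reason in find_suspicious(SAMPLE_LOG):
        print(f"{ts} {ip} POST /admin_type.php: {reason}")
```

A hit here means the admin endpoint was reached from outside the site's own pages and warrants review of what the request changed; it is a detection aid, not a substitute for the anti-CSRF token check in item 2, because Referer can be suppressed legitimately.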


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-06-28T10:51:49.575Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 686165336f40f0eb72846ea0

Added to database: 6/29/2025, 4:09:23 PM

Last enriched: 6/29/2025, 4:24:32 PM

Last updated: 7/13/2025, 3:03:31 PM
