CVE-2025-7552: Improper Access Controls in Dromara Northstar

Medium
Vulnerability: CVE-2025-7552
Published: Sun Jul 13 2025 (07/13/2025, 23:32:15 UTC)
Source: CVE Database V5
Vendor/Project: Dromara
Product: Northstar

Description

A vulnerability was found in Dromara Northstar up to 7.3.5. It has been rated as critical. Affected by this issue is the function preHandle of the file northstar-main/src/main/java/org/dromara/northstar/web/interceptor/AuthorizationInterceptor.java of the component Path Handler. The manipulation of the argument Request leads to improper access controls. The attack may be launched remotely. Upgrading to version 7.3.6 is able to address this issue. The patch is identified as 8d521bbf531de59b09b8629a9cbf667870ad2541. It is recommended to upgrade the affected component.

AI-Powered Analysis

AI analysis last updated: 07/14/2025, 00:01:07 UTC

Technical Analysis

CVE-2025-7552 is a medium-severity vulnerability affecting Dromara Northstar versions 7.3.0 through 7.3.5. The flaw exists in the preHandle function within the AuthorizationInterceptor.java file, specifically in the Path Handler component. The vulnerability arises due to improper access control when processing the Request argument, allowing an attacker to manipulate this argument to bypass authorization checks. This can lead to unauthorized access to protected resources or functionalities. The vulnerability can be exploited remotely without requiring user interaction or prior authentication, increasing the risk of exploitation. The CVSS 4.0 base score is 5.3, reflecting a medium impact primarily due to limited confidentiality, integrity, and availability impacts, and the requirement for low privileges to exploit. The issue is resolved in version 7.3.6, and upgrading to this version or later is recommended. No known exploits are currently reported in the wild, but the vulnerability’s nature suggests that exploitation could lead to unauthorized access and potential lateral movement within affected environments.

Potential Impact

For European organizations using Dromara Northstar, this vulnerability poses a risk of unauthorized access to internal systems or data, potentially leading to data leakage, unauthorized operations, or disruption of services. Given that Northstar is a middleware or service framework, exploitation could allow attackers to bypass security controls, escalate privileges, or access sensitive business logic. This could impact confidentiality and integrity of data processed by the platform. Organizations in sectors with stringent data protection requirements, such as finance, healthcare, and government, could face regulatory and reputational damage if exploited. The remote and unauthenticated nature of the attack vector increases the urgency for mitigation. However, the medium severity and lack of known active exploits suggest that immediate widespread impact is limited but should not be underestimated.

Mitigation Recommendations

European organizations should prioritize upgrading Dromara Northstar to version 7.3.6 or later to remediate this vulnerability. Until the upgrade is applied, organizations should implement strict network segmentation and firewall rules to restrict access to Northstar services only to trusted internal networks and authenticated users. Monitoring and logging of access attempts to the Path Handler component should be enhanced to detect anomalous or unauthorized requests. Employing Web Application Firewalls (WAFs) with custom rules to detect and block suspicious request manipulations targeting the preHandle function can provide additional protection. Regular security assessments and code reviews of custom integrations with Northstar should be conducted to ensure no additional access control weaknesses exist. Finally, organizations should maintain an incident response plan to quickly address any exploitation attempts.

Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-07-12T17:17:06.073Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68744540a83201eaacbf7a64

Added to database: 7/13/2025, 11:46:08 PM

Last enriched: 7/14/2025, 12:01:07 AM

Last updated: 9/9/2025, 7:00:12 PM
