CVE-2025-8226: Information Disclosure in yanyutao0402 ChanCMS
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been classified as problematic. Affected is an unknown function of the file /sysApp/find. The manipulation of the argument accessKey/secretKey leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.3 is able to address this issue. It is recommended to upgrade the affected component.
AI Analysis
Technical Summary
CVE-2025-8226 is a medium-severity information disclosure vulnerability affecting yanyutao0402 ChanCMS versions up to 3.1.2. The vulnerability resides in an unspecified function within the /sysApp/find file, where improper handling of the accessKey and secretKey arguments allows an attacker to remotely disclose sensitive information. The vulnerability does not require user interaction and can be exploited over the network with low attack complexity, requiring low privileges. The CVSS 4.0 vector indicates no user interaction (UI:N), no privileges required (PR:L), and no impact on integrity or availability, but a low impact on confidentiality (VC:L). The vulnerability is classified as problematic due to the potential leakage of sensitive data, which could include credentials or configuration details, depending on the implementation of ChanCMS. Although no known exploits are currently observed in the wild, the public disclosure of the exploit increases the risk of exploitation. The vendor has addressed this issue in version 3.1.3, and upgrading to this version is recommended to mitigate the vulnerability.
Potential Impact
For European organizations using ChanCMS, this vulnerability could lead to unauthorized disclosure of sensitive information, potentially exposing internal credentials, configuration data, or other confidential information managed by the CMS. Such exposure could facilitate further attacks, including privilege escalation or lateral movement within the network. Organizations in sectors with strict data protection regulations, such as finance, healthcare, or government, may face compliance risks if sensitive data is leaked. Additionally, the remote exploitability and low complexity increase the likelihood of automated scanning and exploitation attempts, especially after public disclosure. The impact on confidentiality, while low to medium, can have cascading effects on organizational security posture and trustworthiness of web assets managed by ChanCMS.
Mitigation Recommendations
European organizations should prioritize upgrading ChanCMS installations to version 3.1.3 or later to remediate this vulnerability. Until the upgrade is applied, organizations should restrict access to the /sysApp/find endpoint using network-level controls such as firewalls or web application firewalls (WAFs) to limit exposure to untrusted networks. Implementing strict access controls and monitoring for unusual requests targeting the accessKey and secretKey parameters can help detect exploitation attempts. Additionally, organizations should audit their CMS configurations and credentials to ensure no sensitive information has been exposed. Regular vulnerability scanning and penetration testing focused on CMS components can help identify residual risks. Finally, maintaining an incident response plan that includes procedures for CMS compromise scenarios will improve readiness.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
CVE-2025-8226: Information Disclosure in yanyutao0402 ChanCMS
Description
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been classified as problematic. Affected is an unknown function of the file /sysApp/find. The manipulation of the argument accessKey/secretKey leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.3 is able to address this issue. It is recommended to upgrade the affected component.
AI-Powered Analysis
Technical Analysis
CVE-2025-8226 is a medium-severity information disclosure vulnerability affecting yanyutao0402 ChanCMS versions up to 3.1.2. The vulnerability resides in an unspecified function within the /sysApp/find file, where improper handling of the accessKey and secretKey arguments allows an attacker to remotely disclose sensitive information. The vulnerability does not require user interaction and can be exploited over the network with low attack complexity, requiring low privileges. The CVSS 4.0 vector indicates no user interaction (UI:N), no privileges required (PR:L), and no impact on integrity or availability, but a low impact on confidentiality (VC:L). The vulnerability is classified as problematic due to the potential leakage of sensitive data, which could include credentials or configuration details, depending on the implementation of ChanCMS. Although no known exploits are currently observed in the wild, the public disclosure of the exploit increases the risk of exploitation. The vendor has addressed this issue in version 3.1.3, and upgrading to this version is recommended to mitigate the vulnerability.
Potential Impact
For European organizations using ChanCMS, this vulnerability could lead to unauthorized disclosure of sensitive information, potentially exposing internal credentials, configuration data, or other confidential information managed by the CMS. Such exposure could facilitate further attacks, including privilege escalation or lateral movement within the network. Organizations in sectors with strict data protection regulations, such as finance, healthcare, or government, may face compliance risks if sensitive data is leaked. Additionally, the remote exploitability and low complexity increase the likelihood of automated scanning and exploitation attempts, especially after public disclosure. The impact on confidentiality, while low to medium, can have cascading effects on organizational security posture and trustworthiness of web assets managed by ChanCMS.
Mitigation Recommendations
European organizations should prioritize upgrading ChanCMS installations to version 3.1.3 or later to remediate this vulnerability. Until the upgrade is applied, organizations should restrict access to the /sysApp/find endpoint using network-level controls such as firewalls or web application firewalls (WAFs) to limit exposure to untrusted networks. Implementing strict access controls and monitoring for unusual requests targeting the accessKey and secretKey parameters can help detect exploitation attempts. Additionally, organizations should audit their CMS configurations and credentials to ensure no sensitive information has been exposed. Regular vulnerability scanning and penetration testing focused on CMS components can help identify residual risks. Finally, maintaining an incident response plan that includes procedures for CMS compromise scenarios will improve readiness.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-07-26T13:05:42.685Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 6885e7adad5a09ad00711156
Added to database: 7/27/2025, 8:47:41 AM
Last enriched: 7/27/2025, 9:02:43 AM
Last updated: 7/30/2025, 12:34:40 AM
Views: 8
Related Threats
CVE-2025-50578: n/a
CriticalCVE-2025-8292: Use after free in Google Chrome
HighCVE-2025-53944: CWE-285: Improper Authorization in Significant-Gravitas AutoGPT
HighCVE-2025-54573: CWE-287: Improper Authentication in cvat-ai cvat
MediumCVE-2025-43018: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in HP, Inc. Certain HP LaserJet Pro Printers
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.