Shenzhen Sixun Business Management System OperatorStop improper authorization_CVE-2025-10374

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in Shenzhen Sixun Business Management System 7/11. This affects an unknown part of the file /Adm/OperatorStop. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.

Basic Information

ID CVE-2025-10374

Source VulDB

Published Sep 13, 2025 at 19:02

Affected Product

Vendor Shenzhen Sixun

Product Business Management System

Version 7

Affected Versions Shenzhen Sixun Business Management System 7
Shenzhen Sixun Business Management System 11

CWE Classification

CWE-285 CWE-266

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in Shenzhen Sixun Business Management System 7/11. This affects an unknown part of the file /Adm/OperatorStop. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.",
    "published": "2025-09-13T19:02:07.384Z",
    "modified": "2025-09-13T19:02:07.384Z",
    "type": "cve",
    "title": "Shenzhen Sixun Business Management System OperatorStop improper authorization",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.323788\nhttps://vuldb.com/?ctiid.323788\nhttps://vuldb.com/?submit.639092\nhttps://www.yuque.com/hongzh0/tx13c7/lgb05p6ar7ybugcz",
    "id": "CVE-2025-10374",
    "bulletinFamily": "",
    "cwe": [
        "CWE-285",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "Shenzhen Sixun Business Management System 7\nShenzhen Sixun Business Management System 11",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Business Management System",
    "version": "7",
    "vendor": "Shenzhen Sixun",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}