{"id":8426,"date":"2025-07-20T02:59:51","date_gmt":"2025-07-20T02:59:51","guid":{"rendered":"http:\/\/localhost\/?p=8426"},"modified":"2025-07-20T02:59:51","modified_gmt":"2025-07-20T02:59:51","slug":"metasoft-metacrm-debugjsp-improper-authentication","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=8426","title":{"rendered":"Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication"},"content":{"rendered":"<div style=\"font-family: Arial, sans-serif; max-width: 1200px; margin: 0 auto;\">\n<h2 style=\"color: #333; border-bottom: 2px solid #ffcc00; padding-bottom: 10px;\">CVE Details<\/h2>\n<div style=\"display: grid; grid-template-columns: repeat(auto-fit, minmax(300px, 1fr)); gap: 20px; margin-bottom: 20px;\">\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1);\">\n<h3 style=\"margin-top: 0; \">Basic Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Title<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Type<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">cve<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Published<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">2025-07-20T07:14:05.444Z<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Modified<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">2025-07-20T07:14:05.444Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1);\">\n<h3 style=\"margin-top: 0; \">Product Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Vendor<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">Metasoft \u7f8e\u7279\u8f6f\u4ef6<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Product<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">MetaCRM<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Version<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">6.4.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); margin-bottom: 20px;\">\n<h3 style=\"margin-top: 0; \">CVSS Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Base Score<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd; color: #ffcc00; font-weight: bold;\">6.9 (MEDIUM)<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Attack Vector<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:N\/UI:N\/VC:L\/VI:L\/VA:L\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<div style=\"padding: 15px; border-radius: 5px; margin-bottom: 20px;\">\n<h4 style=\"margin-top: 0; \">Affected Products<\/h4>\n<ul style=\"margin: 0; padding-left: 20px;\">\n<li>Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM 6.4.0<\/li>\n<li>Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM 6.4.1<\/li>\n<li>Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM 6.4.2<\/li>\n<\/ul>\n<\/div>\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); margin-bottom: 20px;\">\n<h3 style=\"margin-top: 0; \">Additional Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">CWE List<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">CWE-287<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border-bottom: 1px solid #ddd;\">Source<\/th>\n<td style=\"padding: 8px; border-bottom: 1px solid #ddd;\">VulDB<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<div style=\"padding: 20px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); margin-bottom: 20px;\">\n<h3 style=\"margin-top: 0; \">Description<\/h3>\n<div style=\"padding: 15px; border-left: 4px solid #4CAF50; \">A vulnerability classified as critical has been found in Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM up to 6.4.2. This affects an unknown part of the file \/debug.jsp. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.<\/div>\n<\/div>\n<div style=\"padding: 15px; border-radius: 5px; margin-bottom: 20px;\">\n<h4 style=\"margin-top: 0; \">References<\/h4>\n<ul style=\"margin: 0; padding-left: 20px;\">\n<li><a href=\"https:\/\/vuldb.com\/?id.316989\" target=\"_blank\">https:\/\/vuldb.com\/?id.316989<\/a><\/li>\n<li><a href=\"https:\/\/vuldb.com\/?ctiid.316989\" target=\"_blank\">https:\/\/vuldb.com\/?ctiid.316989<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/FightingLzn9\/vul\/blob\/main\/MetaCRM6-SIL-2.md\" target=\"_blank\">https:\/\/github.com\/FightingLzn9\/vul\/blob\/main\/MetaCRM6-SIL-2.md<\/a><\/li>\n<\/ul>\n<\/div>\n<div style=\"text-align: center; margin-top: 30px;\">\n<a href=\"\" target=\"_blank\" style=\"display: inline-block; background-color: #4CAF50; color: white; padding: 12px 24px; text-decoration: none; border-radius: 4px; font-weight: bold; transition: background-color 0.3s;\">View Full CVE Details<\/a>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>CVE Details Basic Information Title Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication Type cve Published 2025-07-20T07:14:05.444Z Modified 2025-07-20T07:14:05.444Z Product Information Vendor Metasoft \u7f8e\u7279\u8f6f\u4ef6 Product MetaCRM Version&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,48,12,21,13,7,11,5],"class_list":["post-8426","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-69","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=8426\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication - zero redgem\" \/>\n<meta property=\"og:description\" content=\"CVE Details Basic Information Title Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication Type cve Published 2025-07-20T07:14:05.444Z Modified 2025-07-20T07:14:05.444Z Product Information Vendor Metasoft \u7f8e\u7279\u8f6f\u4ef6 Product MetaCRM Version...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=8426\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-20T02:59:51+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8426#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8426\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication\",\"datePublished\":\"2025-07-20T02:59:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8426\"},\"wordCount\":171,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-6.9\",\"exploit\",\"MEDIUM\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=8426#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8426\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8426\",\"name\":\"Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-07-20T02:59:51+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8426#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=8426\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=8426#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=8426","og_locale":"en_US","og_type":"article","og_title":"Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication - zero redgem","og_description":"CVE Details Basic Information Title Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication Type cve Published 2025-07-20T07:14:05.444Z Modified 2025-07-20T07:14:05.444Z Product Information Vendor Metasoft \u7f8e\u7279\u8f6f\u4ef6 Product MetaCRM Version...","og_url":"https:\/\/zero.redgem.net\/?p=8426","og_site_name":"zero redgem","article_published_time":"2025-07-20T02:59:51+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=8426#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=8426"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication","datePublished":"2025-07-20T02:59:51+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=8426"},"wordCount":171,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-6.9","exploit","MEDIUM","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=8426#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=8426","url":"https:\/\/zero.redgem.net\/?p=8426","name":"Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-07-20T02:59:51+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=8426#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=8426"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=8426#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM debug.jsp improper authentication"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/8426","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8426"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/8426\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8426"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8426"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8426"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}