CVE-2025-0331 in YunzMall
Summary
by MITRE • 01/09/2025
A vulnerability, which was classified as critical, has been found in YunzMall up to 2.4.2. This issue affects the function changePwd of the file /app/platform/controllers/ResetpwdController.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to weak password recovery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 01/09/2025
The vulnerability identified as CVE-2025-0331 represents a critical security flaw in YunzMall version 2.4.2 and earlier, specifically within the password recovery mechanism. This weakness resides in the ResetpwdController.php file where the changePwd function processes HTTP POST requests. The vulnerability stems from insufficient validation and sanitization of the pwd parameter, creating a pathway for attackers to manipulate the password recovery process. The issue is particularly concerning as it allows for weak password recovery, potentially enabling unauthorized access to user accounts through carefully crafted requests that bypass normal security controls.
The technical exploitation of this vulnerability occurs through remote manipulation of the HTTP POST request handler that processes password reset operations. Attackers can craft malicious requests that exploit the insufficient input validation of the pwd argument, potentially allowing them to set weak or predictable passwords during the recovery process. This flaw directly relates to CWE-259 Weak Password Recovery and CWE-312 Cleartext Storage of Sensitive Data, as it enables unauthorized modification of user authentication credentials without proper authorization. The vulnerability's classification as critical indicates that it can be exploited without requiring special privileges or user interaction, making it particularly dangerous in production environments where user account compromise could lead to widespread system infiltration.
The operational impact of this vulnerability extends beyond simple account takeover scenarios, as it fundamentally undermines the security posture of the entire YunzMall platform. Successful exploitation could enable attackers to gain unauthorized access to user accounts, potentially leading to data breaches, financial fraud, and service disruption. The fact that this exploit has been publicly disclosed and is actively being used increases the risk profile significantly, as it no longer represents a theoretical threat but an actual attack vector that malicious actors are leveraging. This vulnerability particularly affects organizations that rely on YunzMall for e-commerce operations, where compromised user credentials could result in financial losses and regulatory compliance violations.
Organizations utilizing YunzMall must implement immediate mitigations to address this critical vulnerability, including but not limited to applying the vendor's official patch if available, implementing additional input validation controls, and strengthening password recovery mechanisms. The lack of vendor response to early disclosure efforts underscores the importance of proactive security measures and the need for organizations to maintain independent security assessments. Security teams should consider implementing network-based controls to monitor for exploitation attempts and establish incident response procedures to address potential compromise. The vulnerability also highlights the necessity of following ATT&CK framework principles for defensive measures, particularly focusing on privilege escalation and credential access tactics that attackers might employ through this weakness.