CVE-2025-41345 in CanalDenuncia.app

Summary

by MITRE • 11/04/2025

A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id_denuncia' and 'id_user' in '/backend/api/buscarDenunciasById.php'.


Analysis

by VulDB Data Team • 11/04/2025

The vulnerability identified as CVE-2025-41345 represents a critical authorization flaw within the CanalDenuncia.app platform that exposes sensitive user data through improper access controls. This issue manifests in the backend API endpoint /backend/api/buscarDenunciasById.php, which fails to properly validate user permissions when processing requests containing the parameters 'id_denuncia' and 'id_user'. The absence of adequate authorization checks creates an exploitable condition where malicious actors can manipulate these parameters to retrieve confidential information belonging to other users within the system.

This authorization bypass vulnerability falls under the CWE-862 category of "Missing Authorization" and aligns with ATT&CK technique T1078.004 for Valid Accounts and T1566.001 for Phishing. The technical implementation flaw occurs at the application logic level where the system assumes that legitimate users will only request their own data without proper validation of user identity and access rights. When an attacker sends a POST request with arbitrary values for the 'id_denuncia' and 'id_user' parameters, the application processes these requests without verifying whether the requesting user has legitimate access to the specified user's information, effectively allowing horizontal privilege escalation.

The operational impact of this vulnerability is significant as it enables unauthorized data access that could compromise user privacy and confidentiality. Attackers can potentially access sensitive complaint data, personal information, and other user-specific details that should remain protected. This exposure creates risks for data breaches, identity theft, and potential misuse of confidential information. The vulnerability affects the integrity and availability of the system's user data protection mechanisms, potentially leading to compliance violations under data protection regulations such as GDPR or local privacy laws.

Mitigation strategies should include implementing robust input validation and authorization checks at the application level to verify user permissions before processing requests. The system must enforce proper access control mechanisms that validate the requesting user's identity against the target user's data before granting access. Additionally, implementing rate limiting and monitoring for unusual parameter combinations can help detect potential exploitation attempts. Security measures should also include regular code reviews to identify similar authorization flaws, implementation of least-privilege access controls, and comprehensive logging of all data access attempts for audit purposes. The fix should involve modifying the /backend/api/buscarDenunciasById.php endpoint to include proper authentication verification and authorization checks before returning any user data.
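The authorization check described above, sketched as an added example that is not CanalDenuncia.app's own code: a lookup that trusts the request's 'id_user' beside one that takes the owner from the server-side session. The table and column names, the function names and the sample rows are assumptions made for illustration; it needs PHP 8 with the pdo_sqlite extension.

```php
<?php
declare(strict_types=1);

// Constructed sample data; the schema is an assumption, not the product's.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE denuncias (id INTEGER PRIMARY KEY, id_user INTEGER, texto TEXT)');
$db->exec("INSERT INTO denuncias VALUES (1, 10, 'report filed by user 10'), (2, 20, 'report filed by user 20')");

// Missing-authorization pattern (CWE-862): the owner is read from the request body,
// so the caller decides whose record is returned.
function lookupTrustingRequest(PDO $db, array $post): ?array
{
    $st = $db->prepare('SELECT id, texto FROM denuncias WHERE id = ? AND id_user = ?');
    $st->execute([(int)($post['id_denuncia'] ?? 0), (int)($post['id_user'] ?? 0)]);
    return $st->fetch(PDO::FETCH_ASSOC) ?: null;
}

// Hardened pattern: identity comes only from the server-side session; a client-supplied
// id_user is never used for the lookup, and a mismatch is rejected and logged.
function lookupWithAuthorization(PDO $db, ?int $sessionUserId, array $post): array
{
    if ($sessionUserId === null) {
        return ['status' => 401, 'body' => null];   // not authenticated
    }
    $id = filter_var($post['id_denuncia'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return ['status' => 400, 'body' => null];   // missing or malformed id
    }
    if (isset($post['id_user']) && (string)$post['id_user'] !== (string)$sessionUserId) {
        error_log("authz: user $sessionUserId sent a foreign id_user for denuncia $id");
        return ['status' => 403, 'body' => null];
    }
    $st = $db->prepare('SELECT id, texto FROM denuncias WHERE id = ? AND id_user = ?');
    $st->execute([$id, $sessionUserId]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    // Same 404 for "does not exist" and "belongs to someone else", so ids cannot be enumerated.
    return $row ? ['status' => 200, 'body' => $row] : ['status' => 404, 'body' => null];
}

// Demo: the session belongs to user 10; the first request names user 20's record.
$post = ['id_denuncia' => '2', 'id_user' => '20'];
var_dump(lookupTrustingRequest($db, $post) !== null);
echo lookupWithAuthorization($db, 10, $post)['status'], "\n";
echo lookupWithAuthorization($db, 10, ['id_denuncia' => '1'])['status'], "\n";
```

In a real handler the session user id would come from the authenticated session (for example `$_SESSION`) rather than a function argument, and the 403 log line is the event to alert on when monitoring for parameter tampering.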

Responsible

INCIBE

Reservation

04/16/2025

Disclosure

11/04/2025

Moderation

accepted

CPE

ready

EPSS

0.00048

KEV

no

Activities

very low
