CVE-2025-9401

Name of the Vulnerable Software and Affected Versions: HuangDou UTCMS version 9

Description: A flaw exists in the Login component's code within the app/modules/ut-frame/admin/login.php file. Manipulation of the code related to an argument results in an incorrect comparison. This issue can be exploited remotely and is considered to have high complexity, making exploitation difficult. The exploit has been publicly disclosed and may be utilized. The vendor was notified but did not respond.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.