PT-2025-44460 · Anheng · Mingyu Operations/Maintenance Audit/Risk Control System
Published 2025-10-30 · Updated 2025-10-30 · CVE-2023-7325
CVSS v4.0: 9.3 (Critical)
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Anheng Mingyu Operation and Maintenance Audit and Risk Control System versions prior to 2023-08-10
Description
The software contains a server-side request forgery (SSRF) issue in the xmlrpc.sock handler. A specially crafted XML-RPC request can force the server to connect to internal unix socket RPC endpoints and execute privileged XML-RPC methods. Successful exploitation allows an attacker to invoke administrative RPC methods through the unix socket interface, potentially creating arbitrary user accounts on the system and leading to takeover of the host. This issue has been observed being exploited in the wild as of 2025-10-30. The vulnerable component is the xmlrpc.sock handler.
Recommendations
Versions prior to 2023-08-10 should be updated. As a temporary workaround, consider restricting access to the xmlrpc.sock handler to minimize the risk of exploitation.
Exploit
Fix
Missing Authentication
SSRF
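One way to check whether the workaround (restricting access to the xmlrpc.sock handler) is holding, as an added example that is not part of this advisory or the vendor's product: scan web access logs for requests that reach the handler from outside an allowlisted management network. It assumes the handler is reached over HTTP at a request path containing "xmlrpc.sock" and that 10.0.5.0/24 is the permitted management network; both are example assumptions, since the advisory states neither.

```python
import ipaddress
import re
# Assumed: the xmlrpc.sock handler is reached over HTTP and its request path
# contains "xmlrpc.sock"; the advisory does not state the exact path.
XMLRPC_SOCK_PATTERN = re.compile(r"xmlrpc\.sock", re.IGNORECASE)
# Assumed management network allowed to reach the handler (example value).
ALLOWED_SOURCES = [ipaddress.ip_network("10.0.5.0/24")]
# Common-log-format line: client IP, then "METHOD path HTTP/x", then status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def parse_line(line):
    """Return (client_ip, method, path, status), or None if unparseable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, method, path, status = m.groups()
    return ip, method, path, int(status)

def is_allowed(client_ip):
    """True if the client address is inside an allowlisted network."""
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return False
    return any(addr in net for net in ALLOWED_SOURCES)

def find_suspicious(lines):
    """Flag requests to the xmlrpc.sock handler from non-allowlisted sources."""
    hits = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip malformed lines rather than abort the scan
        ip, _method, path, _status = parsed
        if XMLRPC_SOCK_PATTERN.search(path) and not is_allowed(ip):
            hits.append(parsed)
    return hits

# Constructed sample log lines; not taken from any real system.
SAMPLE_LOG = [
    '10.0.5.7 - - [30/Oct/2025:10:01:02 +0000] "POST /xmlrpc.sock HTTP/1.1" 200 512',
    '203.0.113.9 - - [30/Oct/2025:10:01:05 +0000] "POST /xmlrpc.sock HTTP/1.1" 200 742',
    '203.0.113.9 - - [30/Oct/2025:10:01:06 +0000] "GET /login HTTP/1.1" 200 1024',
    'garbage line',
]

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print("xmlrpc.sock handler reached from outside the allowlist:", hit)
```

Any hit from a source outside the management network means the handler is still reachable and the upgrade to a version from 2023-08-10 or later should be prioritised.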
Affected Products
Mingyu Operations/Maintenance Audit/Risk Control System