CVE-2025-0461
Published: 14 January 2025
Summary
CVE-2025-0461 is a medium-severity Path Traversal (CWE-22) vulnerability in 51Mis Lingdang Crm. Its CVSS base score is 5.3 (Medium).
Operationally, exploitation maps to the MITRE ATT&CK technique Direct Volume Access (T1006). The CVE ranks in the top 19.2% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2025-0461 is a path traversal vulnerability, tracked under CWE-22, that affects Shanghai Lingdang Information Technology Lingdang CRM versions up to 8.6.0.0. The issue exists in the handling of the pathfile argument within the endpoint /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1&related_module=Singin, allowing an attacker to manipulate file paths and access resources outside the web root.
An authenticated remote attacker with low privileges can exploit the flaw to read arbitrary files on the server. Publicly available exploit details have been released, and the vendor did not respond to early disclosure notification. The CVSS 4.0 score is 5.3, reflecting limited impact confined to confidentiality.
The EPSS score stands at 0.0139 with no material change from its recorded peak. Details appear in VulDB entries and a GitHub repository containing disclosure documentation.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-1689
Vulnerability details
A vulnerability has been found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1&related_module=Singin. The manipulation of the argument pathfile leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Path traversal (CWE-22) in a public-facing CRM web application enables remote arbitrary file read (T1006: Direct Volume Access), exploitation of a public-facing application for initial access (T1190), and collection of data from the CRM information repository (T1213.004).
Mitigating Controls (NIST 800-53 r5)
SI-10 directly prevents path traversal by requiring validation of the pathfile argument to reject traversal sequences like '../'.
SI-2 mandates timely identification and remediation of flaws like this path traversal vulnerability through patching or workarounds.
AC-3 enforces access control policies to limit file reads to authorized directories, mitigating unauthorized access via path traversal.
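As an added, defender-side example (not code from the advisory or from the Lingdang CRM project), the following Python shows the SI-10 style validation a user-supplied pathfile parameter needs before it reaches the filesystem, plus a small detector that flags traversal attempts against the affected endpoint in web-server access logs. The base directory, client address and pathfile values in the sample log are constructed assumptions.

```python
import os
from urllib.parse import parse_qs, unquote, urlsplit

def resolve_pathfile(base_dir: str, pathfile: str) -> str:
    """Canonical path for a user-supplied pathfile; ValueError if it escapes base_dir."""
    if not pathfile or "\x00" in pathfile:
        raise ValueError("empty pathfile or embedded NUL byte")
    # Treat backslashes as separators too, then refuse absolute paths,
    # drive letters and any '..' segment (the SI-10 input-validation check).
    norm = pathfile.replace("\\", "/")
    if norm.startswith("/") or (len(norm) > 1 and norm[1] == ":"):
        raise ValueError("absolute path not allowed")
    if ".." in norm.split("/"):
        raise ValueError("traversal segment in pathfile")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, norm))
    # realpath() follows symlinks, so a link pointing outside is caught here.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("pathfile escapes base directory")
    return candidate

def is_safe_pathfile(base_dir: str, pathfile: str) -> bool:
    try:
        resolve_pathfile(base_dir, pathfile)
        return True
    except ValueError:
        return False

def flag_traversal_requests(log_lines):
    """(line_no, decoded pathfile) for requests whose pathfile carries traversal;
    decodes twice so double-encoded forms such as %252e%252e are seen too."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        parts = line.split('"')
        if len(parts) < 2 or " " not in parts[1]:
            continue
        target = parts[1].split(" ")[1]
        for raw in parse_qs(urlsplit(target).query).get("pathfile", []):
            decoded = unquote(unquote(raw)).replace("\\", "/")
            if ".." in decoded.split("/") or decoded.startswith("/"):
                hits.append((n, decoded))
    return hits

# Constructed sample access-log lines (not from the advisory): the path is the
# endpoint the page names; the client address and pathfile values are made up.
SAMPLE_LOG = [
    '203.0.113.5 - - [14/Jan/2025:10:00:01 +0000] "GET /crm/weixinmp/index.php?module=Users&action=UsersAjax&pathfile=reports/q1.pdf HTTP/1.1" 200 512',
    '203.0.113.5 - - [14/Jan/2025:10:00:02 +0000] "GET /crm/weixinmp/index.php?module=Users&action=UsersAjax&pathfile=..%2F..%2Fexample.txt HTTP/1.1" 200 1745',
    '203.0.113.5 - - [14/Jan/2025:10:00:03 +0000] "GET /crm/weixinmp/index.php?module=Users&action=UsersAjax&pathfile=%252e%252e%252fexample.txt HTTP/1.1" 200 903',
]
```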