CVE-2025-15458
Published: 05 January 2026
Summary
CVE-2025-15458 is a high-severity Improper Authentication (CWE-287) vulnerability in 1234N Minicms. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 38.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-2 (Identification and Authentication (Organizational Users)).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly remediates the improper authentication flaw in /mc-admin/post-edit.php to prevent exploitation of the Article Handler component.
Ensures robust identification and authentication for users accessing administrative functions, countering the authentication bypass vulnerability.
Enforces approved access authorizations to block unauthorized remote access to sensitive admin endpoints like post-edit.php.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
CVE-2025-15458 is an improper authentication bypass in a public-facing web CMS (/mc-admin/post-edit.php), enabling unauthenticated remote exploitation for unauthorized admin access, directly facilitating T1190: Exploit Public-Facing Application.
NVD Description
A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handler. Executing a manipulation can lead to improper authentication. It is possible to launch the attack remotely.…
more
The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Deeper analysisAI
CVE-2025-15458 is an improper authentication vulnerability (CWE-287) in bg5sbk MiniCMS versions up to 1.8. The issue resides in an unknown function within the file /mc-admin/post-edit.php of the Article Handler component. It carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), indicating high severity due to its network accessibility and lack of prerequisites for exploitation.
The vulnerability can be exploited remotely by unauthenticated attackers with no privileges required. Successful manipulation bypasses authentication controls, potentially granting unauthorized access to administrative functions related to article editing. This could enable attackers to modify, delete, or create content within the CMS, with low-level impacts on confidentiality, integrity, and availability.
Advisories from VulDB and a GitHub issue in ueh1013/VULN detail the vulnerability but provide no information on patches or vendor-supplied mitigations, as the vendor was contacted early for disclosure coordination yet did not respond. Security practitioners should isolate or decommission affected MiniCMS instances and monitor for exploitation attempts targeting the /mc-admin/post-edit.php endpoint.
The exploit has been publicly disclosed via the referenced GitHub issue and VulDB entries, making it readily available for use by threat actors. No evidence of active in-the-wild exploitation is noted in available sources.
Details
- CWE(s)