CVE-2025-25769

High

Published: 21 February 2025

Published

21 February 2025

Modified

28 March 2025

KEV Added

—

Patch

—

CVSS Score 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS Score 0.0009 24.6th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-25769 is a high-severity CSRF (CWE-352) vulnerability in Wang.Market Wangmarket. Its CVSS base score is 8.0 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious Link (T1204.001); ranked at the 24.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-23 (Session Authenticity) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Malicious Link (T1204.001). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SC-23 Session Authenticity good match

prevent

SC-23 requires mechanisms such as anti-CSRF tokens to protect session authenticity, directly preventing forged requests from exploiting the UserController.java CSRF vulnerability.

SI-10 Information Input Validation partial match

prevent

SI-10 mandates validation of information inputs, including CSRF tokens, to block unauthorized requests to the vulnerable UserController endpoint.

SI-2 Flaw Remediation good match

prevent

SI-2 ensures timely identification, reporting, and remediation of the specific CSRF flaw in Wangmarket's UserController.java across affected versions.

MITRE ATT&CK Enterprise TechniquesAI

T1204.001 Malicious Link Execution

An adversary may rely upon a user clicking a malicious link in order to gain execution.

attack.mitre.org →

Why these techniques?

CSRF flaw directly enables attacks via malicious links or pages that trick authenticated users into submitting forged requests, matching T1204.001 User Execution: Malicious Link.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /controller/UserController.java.

Deeper analysisAI

CVE-2025-25769 is a Cross-Site Request Forgery (CSRF) vulnerability affecting Wangmarket versions 4.10 through 5.0, specifically in the /controller/UserController.java component. Published on 2025-02-21, it has a CVSS v3.1 base score of 8.0 (AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) and is associated with CWE-352. The flaw allows forged requests to perform unauthorized actions on behalf of authenticated users.

An attacker with low privileges, such as another authenticated user, can exploit this vulnerability over the network with low complexity by tricking a victim user into interacting with a malicious webpage or link (UI:R required). Successful exploitation enables high-impact outcomes, including unauthorized access to confidential data (C:H), modification of system integrity (I:H), and disruption of availability (A:H), potentially leading to full compromise of user sessions or administrative actions.

Mitigation details and further advisory information are available in the referenced source at https://flowus.cn/share/56c86622-1e4d-47ed-923c-9e37aff00079.