SB2025052607 - Multiple vulnerabilities in zhangyanbo2007 youkefu
Published: May 26, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 vulnerabilities.
1) Server-Side Request Forgery (SSRF) (CVE-ID: CVE-2025-2997)
CWE-ID: CWE-918 - Server-Side Request Forgery (SSRF)
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N/E:U/U:Amber
The disclosed vulnerability allows a remote user to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input passed via the "/rel/url" endpoint. A remote user can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
2) Arbitrary file upload (CVE-ID: CVE-2025-3381)
CWE-ID: CWE-434 - Unrestricted Upload of File with Dangerous Type
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote user to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload in WebIMController.java. A remote user can upload a malicious file and execute it on the server.
3) Arbitrary file upload (CVE-ID: CVE-2025-4258)
CWE-ID: CWE-434 - Unrestricted Upload of File with Dangerous Type
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote user to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload in \youkefu-master\src\main\java\com\ukefu\webim\web\handler\resource\MediaController.java. A remote user can upload a malicious file and execute it on the server.
4) Deserialization of Untrusted Data (CVE-ID: CVE-2025-4260)
CWE-ID: CWE-502 - Deserialization of Untrusted Data
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data in \youkefu-master\src\main\java\com\ukefu\webi m\web\handler\admin\system\TemplateController.java. A remote user can pass specially crafted data to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
5) XML External Entity injection (CVE-ID: CVE-2025-3241)
CWE-ID: CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:L/SA:N/E:U/U:Green
The vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input in src/main/java/com/ukefu/webim/web/handler/admin/callcenter/CallCenterRouterController.java. A remote user can pass a specially crafted XML code to the affected application and view contents of arbitrary files on the system or initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- https://github.com/exp3n5ive/Vul/blob/main/youkefu/youkefu.pdf
- https://vuldb.com/?ctiid.302046
- https://vuldb.com/?id.302046
- https://vuldb.com/?submit.524009
- https://github.com/mapl3miss/uckefuVul/blob/main/uckefu-upload.md
- https://vuldb.com/?ctiid.303627
- https://vuldb.com/?id.303627
- https://vuldb.com/?submit.552369
- https://github.com/Fc04dB/VUL/blob/main/ukefu_upload.md
- https://vuldb.com/?ctiid.307362
- https://vuldb.com/?id.307362
- https://vuldb.com/?submit.562848
- https://github.com/Serein123y/vulnerability/blob/main/vul.md
- https://vuldb.com/?ctiid.307364
- https://vuldb.com/?id.307364
- https://vuldb.com/?submit.562902
- https://github.com/askqiu/cve/blob/main/README.md
- https://vuldb.com/?ctiid.303267
- https://vuldb.com/?id.303267
- https://vuldb.com/?submit.547585