CVE-2023-7325

CRITICAL EXPLOITED

Anheng Mingyu Operation and Maintenance Audit and Risk Control Syst...

Exploitation Summary

CVE-2023-7325 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery (SSRF) vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that instruct the server to connect to internal Unix socket RPC endpoints and perform privileged XML-RPC methods. An attacker able to send such requests can invoke administrative RPC methods via the Unix socket interface to create arbitrary user accounts on the system, potentially leading to takeover of the bastion host. VulnCheck has observed this vulnerability being exploited in the wild as of 2025-10-30 at 00:30:17.837319 UTC.

Scores

CVSS v4: 9.3
EPSS: 0.0034
EPSS Percentile: 25.5%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: partial

Details

VulnCheck KEV: 2025-10-30
CWE: CWE-306, CWE-918
Status: published
Products (1): Anheng Information (Hangzhou DBAPP Security Information Technology Co., Ltd.)/Mingyu Operations and Maintenance Audit and Risk Control System < 2023-08-10
Published: Oct 30, 2025
Tracked Since: Feb 18, 2026