CVE-2025-12623

LOW EPSS 23.2%

Published Nov 3, 20257mo ago · Modified Jun 17, 20261w ago

1.3 CVSS 4.0

Low

Published Nov 3, 2025 7mo ago

Last Modified Jun 17, 2026 1w ago

Description

A vulnerability was identified in fushengqian fuint up to 41e26be8a2c609413a0feaa69bdad33a71ae8032. Affected by this issue is some unknown functionality of the file fuint-application/src/main/java/com/fuint/module/clientApi/controller/ClientSignController.java of the component Authentication Token Handler. Such manipulation leads to authorization bypass. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitation is known to be difficult. The exploit is publicly available and might be used. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases.

CVSS Details

Base Score

1.3

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Network

Attack Complexity High

Privileges Required Low

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

23.2% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 2

CWE-285

CWE-639

References 4

github.com https://github.com/fushengqian/fuint/issues/67
vuldb.com https://vuldb.com/?ctiid.330915
vuldb.com https://vuldb.com/?id.330915
vuldb.com https://vuldb.com/?submit.678911

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.