What is the severity of CVE-2025-2114?

CVE-2025-2114 is classified as a problematic vulnerability that affects the reset password interface in the designated software.

How do I fix CVE-2025-2114?

To mitigate CVE-2025-2114, it is recommended to apply available patches or updates provided by Shenzhen Sixun Software.

What component is affected by CVE-2025-2114?

CVE-2025-2114 affects the Reset Password Interface in the file /WebPages/Adm/OperatorStop.asp.

Is CVE-2025-2114 exploitable remotely?

Yes, CVE-2025-2114 may be exploited remotely due to its nature of processing within a web application interface.

Vulnerability/
CVE-2025-2114

medium

6.3

CWE

285 266

9/3/2025

CVE-2025-2114: Shenzhen Sixun Software Sixun Shanghui Group Business Management System Reset Password Interface OperatorStop.asp improper authorization

First published: Sun Mar 09 2025(Updated: )

A vulnerability, which was classified as problematic, has been found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7. This issue affects some unknown processing of the file /WebPages/Adm/OperatorStop.asp of the component Reset Password Interface. The manipulation of the argument OperId leads to improper authorization. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Credit: cna@vuldb.com

Affected Software	Affected Version	How to fix
Sixun Shanghui Group Business Management System

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-2114?
CVE-2025-2114 is classified as a problematic vulnerability that affects the reset password interface in the designated software.
How do I fix CVE-2025-2114?
To mitigate CVE-2025-2114, it is recommended to apply available patches or updates provided by Shenzhen Sixun Software.
What component is affected by CVE-2025-2114?
CVE-2025-2114 affects the Reset Password Interface in the file /WebPages/Adm/OperatorStop.asp.
Is CVE-2025-2114 exploitable remotely?
Yes, CVE-2025-2114 may be exploited remotely due to its nature of processing within a web application interface.
What software versions are impacted by CVE-2025-2114?
CVE-2025-2114 impacts all versions of the Shenzhen Sixun Software Sixun Shanghui Group Business Management System that utilize the affected Reset Password Interface.

collector/mitre-cve
source/MITRE
agent/weakness
agent/title
agent/references
agent/description
agent/type
agent/first-publish-date
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
collector/nvd-api
source/NVD
agent/author
agent/severity
agent/source
agent/last-modified-date
agent/tags
agent/event
vendor/shenzhen sixun software
canonical/sixun shanghui group business management system

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.