TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

Hundred Plus|EIP Plus - 2 Vulnerabilities

TVN ID: TVN-202511003

CVE ID: CVE-2025-12866, CVE-2025-12867

CVSS:
CVE-2025-12866: 9.8 (Critical) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2025-12867: 7.2 (High) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products: EIP Plus before version RELEASE_240626

Description:
CVE-2025-12866 (Weak Password Recovery Mechanism):
An unauthenticated remote attacker can predict or brute-force the 'forgot password' link, thereby successfully resetting any user's password.

CVE-2025-12867 (Arbitrary File Upload):
Privileged remote attackers can upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

Solution: Update to version RELEASE_240626 or later.

Credit:
CVE-2025-12866: Tree (CHT Security)
CVE-2025-12867: Huang Yu Ze (CHT Security)

Public Date: 2025-11-10
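
For teams reviewing their own 'forgot password' flow against the weakness class in CVE-2025-12866, the following added example (not code from the advisory or from the vendor) shows a reset token that is neither predictable nor practical to brute-force. The class name, the in-memory store, the 15-minute lifetime and the limit of five failed attempts are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60   # assumption: 15-minute validity window
MAX_FAILED_ATTEMPTS = 5       # assumption: guess budget per issued token


class ResetTokenStore:
    """In-memory stand-in for a table of pending resets (hypothetical)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}    # user -> (sha256(token), expires_at)
        self._failures = {}   # user -> failed redemption count

    def issue(self, user):
        # 32 bytes from the OS CSPRNG; nothing derived from the user id,
        # a timestamp or a counter, so the link cannot be predicted.
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).digest()
        # A new request replaces the old token; only the hash is stored.
        self._pending[user] = (digest, self._clock() + TOKEN_TTL_SECONDS)
        self._failures[user] = 0
        return token

    def redeem(self, user, token):
        entry = self._pending.get(user)
        if entry is None:
            return False
        digest, expires_at = entry
        if self._clock() > expires_at:
            del self._pending[user]          # expired tokens are discarded
            return False
        candidate = hashlib.sha256(token.encode("utf-8", "replace")).digest()
        if not hmac.compare_digest(candidate, digest):   # constant-time compare
            self._failures[user] += 1
            if self._failures[user] >= MAX_FAILED_ATTEMPTS:
                del self._pending[user]      # budget spent: force a new request
            return False
        del self._pending[user]              # single use
        return True
```
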