Mingyu Operations and Maintenance Audit and Risk Control System xmlrpc.sock SSRF

Advisories

Mingyu Operations and Maintenance Audit and Risk Control System xmlrpc.sock SSRF

severity: critical
date: 10/30/2025
Affecting: Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10
An affected versions range is undefined, and it is unknown if this vulnerability has been patched.
CVE: CVE-2023-7325
CWE: CWE-306 Missing Authentication for Critical Function
CWE-918 Server-Side Request Forgery (SSRF)
CVSS: 9.3
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
References: CN-SEC Disclosure (1947658)
PeiQi GitHub Disclosure
Credit: Anonymous User via CN-SEC
Description: Anheng Mingyu Operation and Maintenance Audit and Risk Control System up to 2023-08-10 contains a server-side request forgery (SSRF) vulnerability in the xmlrpc.sock handler. The product accepts specially crafted XML-RPC requests that can be used to instruct the server to connect to internal unix socket RPC endpoints and perform privileged XML-RPC methods. An attacker able to send such requests can invoke administrative RPC methods via the unix socket interface to create arbitrary user accounts on the system, resulting in account creation and potential takeover of the bastion host. VulnCheck has observed this vulnerability being exploited in the wild as of 2025-10-30 at 00:30:17.837319 UTC.
VulnCheck KEV: This advisory is in the VulnCheck KEV database

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.

Vulnerability Prioritization
Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
Early Warning System
Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.

Schedule a Demo