POC details: 4c76116c69fcaa11e527ffd5b95f7b426a570d00

Source
Related vulnerability
Title: Perfex CRM security vulnerability (CVE-2025-60375)
Description: Perfex CRM is an open-source customer relationship management application from Perfex CRM, used to manage customers and projects and to create invoices in the cloud. Perfex CRM versions before 3.3.1 contain a security vulnerability caused by insufficient server-side validation, which can allow login credentials to be bypassed and unauthorized access to user accounts.
Description
CVE-2025-60375 — Authentication bypass / incorrect access control in PerfexCRM < 3.3.1 (admin login)
Introduction
# CVE-2025-60375
CVE-2025-60375 — Authentication bypass / incorrect access control in PerfexCRM < 3.3.1 (admin login)

## Summary
**Vulnerability type:** Incorrect Access Control — Authentication bypass  
**Affected product:** PerfexCRM < 3.3.1  
**CVE:** CVE-2025-60375 (Published)  

**Brief description:**  
The authentication mechanism in PerfexCRM versions prior to 3.3.1 fails to validate username/password parameters server-side. By sending empty username and password parameters in an intercepted login request, an attacker can bypass authentication and gain access to accounts (including admin accounts).

---

## Affected component
- Admin login / Authentication system

## Attack type
- Remote

## Impact
- Privilege escalation: true (attacker can access administrative dashboard)
- Information disclosure: true (access to account-specific data)

## Reproduction steps (as discovered)
1. Navigate to the PerfexCRM admin login page.  
2. Intercept the login request with a proxy tool (e.g., Burp Suite).  
3. Remove or empty the `username` and `password` parameters in the login request payload (send empty parameters).  
4. Forward the modified request.  
5. Refresh if needed; observe a `419 Page expired` then automatic redirect to the dashboard.  
6. The system grants access without valid credentials.

> Note: Steps above are the original discovery steps reported by Ajansha Shankar and Ahamed Yaseen.

## References
- OWASP Authentication Cheat Sheet — guidance on server-side validation and authentication controls.  
  https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html

## Mitigation / Recommended fix
- Implement strict server-side validation for authentication parameters. Reject requests with missing/empty username or password and return an appropriate 4xx response.  
- Ensure session creation and authentication logic are only executed after successful credential validation.  
- Add automated tests that assert empty or missing credentials never result in a successful login.  
- Backport patches to all supported branches and publish CVE / advisory once fixed.
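The first three mitigation items above, shown together as an added example (Python, not PerfexCRM's own code; PerfexCRM is a PHP application, so this is a framework-agnostic illustration of the pattern). The in-memory user store, the static salt, the sample password and the `Response` type are constructed stand-ins. The handler rejects missing, empty or non-string credential parameters with a 4xx before any lookup, and only builds a session after the password check has passed; `selftest()` is the kind of automated regression check the third item asks for.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed stand-in for the real user store (username -> (salt, PBKDF2 hash)).
# A real deployment stores a random per-user salt; the static one here keeps
# the example deterministic.
_SALT = b"constructed-static-salt"


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


USERS = {
    "admin": (_SALT, _hash_password("constructed-sample-password", _SALT)),
}


@dataclass
class Response:
    """Minimal stand-in for a framework response object."""
    status: int
    body: str
    session: dict = field(default_factory=dict)  # empty unless login succeeded


def login(form: dict) -> Response:
    """Handle a login POST. `form` is the decoded request body."""
    username = form.get("username")
    password = form.get("password")

    # Step 1: validate the parameters server-side BEFORE any lookup or session
    # logic. Absent keys, non-string values (e.g. an array-style parameter),
    # empty strings and whitespace-only usernames are all rejected with 400.
    if not isinstance(username, str) or not isinstance(password, str):
        return Response(400, "username and password are required")
    if not username.strip() or password == "":
        return Response(400, "username and password must not be empty")

    # Step 2: verify the credential. On an unknown user, still run one hash so
    # the response time does not reveal whether the username exists.
    record = USERS.get(username)
    if record is None:
        _hash_password(password, _SALT)
        return Response(401, "invalid credentials")
    salt, stored = record
    if not hmac.compare_digest(_hash_password(password, salt), stored):
        return Response(401, "invalid credentials")

    # Step 3: only now create the session, with a fresh identifier.
    session = {"user": username, "sid": secrets.token_hex(16)}
    return Response(302, "/admin", session)


def selftest() -> bool:
    """Regression check: empty or missing credentials must never log in."""
    bad_inputs = [
        {},
        {"username": "", "password": ""},
        {"username": "admin", "password": ""},
        {"username": "   ", "password": "x"},
        {"username": ["admin"], "password": ["x"]},
    ]
    for form in bad_inputs:
        resp = login(form)
        if resp.status < 400 or resp.session:
            return False
    return True


if __name__ == "__main__":
    print("empty-credential regression test passed:", selftest())
```

The ordering is the point: the parameter check, the password check and the session creation are three separate steps, and a request that fails an earlier step never reaches a later one, so there is no path on which an empty credential pair ends up with a session attached.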

## Discoverers / Credit
- Ajansha Shankar  
- Ahamed Yaseen

## CVE Links
- https://www.cve.org/CVERecord?id=CVE-2025-60375
- https://www.cvedetails.com/cve/CVE-2025-60375/
- https://nvd.nist.gov/vuln/detail/CVE-2025-60375

File snapshot

[4.0K] /data/pocs/4c76116c69fcaa11e527ffd5b95f7b426a570d00
├── [2.3K] README.md
└── [2.5K] Security.md

0 directories, 2 files