What is CVE-2025-1144?

A critical vulnerability in the Quanxun School Affairs System allows unauthenticated attackers to access sensitive information, including plaintext administrator credentials. Organizations must prioritize patching to mitigate this risk.

What is the severity of CVE-2025-1144?

CVE-2025-1144 has a severity rating of CRITICAL with a CVSS base score of 9.8.

CVE-2025-1144 | Critical Vulnerability in Quanxun School Affairs System

CVE-2025-1144 is a critical vulnerability affecting the Quanxun School Affairs System. This vulnerability allows unauthorized access to sensitive information, including specific page views, database information, and plaintext administrator credentials. With a CVSS score of 9.8, it poses a severe risk to the confidentiality, integrity, and availability of affected systems.

The security implications of this vulnerability are extensive. Attackers may leverage this weakness to compromise sensitive data and gain unauthorized access to administrative functions. Given its high CVSS score and the potential for exploitation, organizations must address this vulnerability urgently.

Currently, there is no known public exploit available for CVE-2025-1144, but the risk remains significant. Organizations should prioritize remediation efforts to safeguard against potential attacks exploiting this vulnerability.

Organizations should prioritize patching immediately to mitigate the risk associated with this vulnerability. Delaying remediation could lead to unauthorized data exposure and serious organizational consequences.

Vulnerability Details

The vulnerability described in CVE-2025-1144 relates to the Quanxun School Affairs System's exposure of sensitive information, allowing unauthenticated attackers to view specific pages and obtain database information, including plaintext administrator credentials. The CVSS score of 9.8 categorizes this vulnerability as critical, indicating a severe impact on affected systems.

According to the CVE description, this vulnerability falls under the CWE-497 classification. The disclosure date for this vulnerability was February 11, 2025, emphasizing the importance of immediate attention and remediation.

Technical Analysis

The root cause of CVE-2025-1144 stems from inadequate authentication controls within the Quanxun School Affairs System. The attack vector for exploitation is network-based, and the complexity is classified as low, making it accessible to potential attackers. There are no privileges required for exploitation, nor is user interaction necessary.

The impact assessment indicates that the vulnerability significantly affects confidentiality, integrity, and availability, leading to high risks for organizations utilizing this system.

Risk & Impact Analysis

The real-world risk associated with CVE-2025-1144 is substantial given its ability to expose sensitive information. Organizations that utilize the Quanxun School Affairs System face potential data breaches, unauthorized access, and significant reputational damage. The urgency for remediation is underscored by the vulnerability's critical CVSS score and the potential impact on organizational operations.

Organizations should assess their deployment of the School Affairs System and prioritize patching or incorporating mitigations as part of their security strategy to minimize potential blast radius from this vulnerability.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	Yes
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of the Quanxun School Affairs System prior to the remediation are affected by this vulnerability. Organizations should ensure they are running the latest patched version to mitigate risks.

Mitigation & Remediation

Organizations should apply the latest patches provided by Quanxun to remediate CVE-2025-1144. It is crucial to verify that all updates have been effectively implemented through penetration testing to identify any residual vulnerabilities.

Detection Guidance

Organizations should monitor logs for indicators of unauthorized access attempts and any anomalies that could suggest exploitation of this vulnerability. Behavioral patterns that deviate from normal operations should be flagged for further investigation.

AppSecure Threat Intelligence Insight

The significance of CVE-2025-1144 lies in its potential impact on organizational security, especially in environments relying on the Quanxun School Affairs System. Security teams should analyze this vulnerability to prevent similar issues in the future. For more information on vulnerability management best practices, please refer to the following resources:

For detailed insights, organizations can benefit from reviewing the vulnerability management program and the penetration testing methodology to strengthen their security posture.

Additionally, exploring the AI security best practices can provide insights into emerging threats and defenses.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-1144: Critical Vulnerability in Quanxun School Affairs System