How severe is CVE-2025-14085?

CVE-2025-14085 has a CVSS v3 score of 6.3 (MEDIUM).

CVE-2025-14085

Name: youlai-mall
Author: youlai

6.3MEDIUM

A vulnerability has been found in youlaitech youlai-mall 1.0.0/2.0.0. This impacts an unknown function of the file /app-api/v1/orders/. The manipulation of the argument orderId leads to improper contr

Опубликовано: 12/5/2025Обновлено: 12/10/2025

Описание

A vulnerability has been found in youlaitech youlai-mall 1.0.0/2.0.0. This impacts an unknown function of the file /app-api/v1/orders/. The manipulation of the argument orderId leads to improper control of dynamically-identified variables. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

ИИ-АнализНа базе ИИ

Затронутые продукты

youlaiyoulai-mall

1.0.0

youlaiyoulai-mall

2.0.0

Ссылки

https://github.com/Hwwg/cve/issues/23
ExploitIssue TrackingThird Party Advisory
https://vuldb.com/?ctiid.334476
Permissions RequiredVDB Entry
https://vuldb.com/?id.334476
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.695943
Third Party AdvisoryVDB Entry