CVE-2025-13443

5.4 MEDIUM

📋 TL;DR

This vulnerability in macrozheng mall allows attackers to bypass access controls and delete user read history records without proper authorization. Remote exploitation is possible, affecting all users of versions up to 1.0.3. The vulnerability stems from improper access controls in the delete function.

💻 Affected Systems

Products:
  • macrozheng mall
Versions: up to 1.0.3
Operating Systems: all
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /member/readHistory/delete endpoint with ids parameter manipulation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers could delete all user read history data, potentially causing data loss and disrupting user experience.

🟠 Likely Case: Unauthorized deletion of specific user read history records, leading to data integrity issues.

🟢 If Mitigated: Minimal impact with proper authentication and authorization checks in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

A public exploit is available; manipulating the ids parameter bypasses the access controls on the delete function.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: unknown

Vendor Advisory: none

Restart Required: No

Instructions:

Upgrade to version above 1.0.3 if available, otherwise implement workarounds.

🔧 Temporary Workarounds

Implement proper authorization checks (applies to: all)

Add server-side validation to ensure users can only delete their own read history records.

Restrict access to delete endpoint (applies to: all)

Implement IP whitelisting or additional authentication for the /member/readHistory/delete endpoint.
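The server-side ownership check described in the first workaround, shown as an added example that is not macrozheng mall's own code: an in-memory dictionary stands in for the read-history table, and the record layout, function names and member ids are assumptions. The vulnerable pattern deletes whatever ids the request names; the hardened one scopes the delete to the authenticated member and reports the ids it refused, so the caller can log them.

```python
"""Ownership check for a read-history delete handler (constructed example)."""
from dataclasses import dataclass


@dataclass
class ReadHistory:
    record_id: str   # primary key sent back to the client as part of "ids"
    member_id: int   # owner of the record; the authenticated member's id
    product_id: int


def sample_store() -> dict[str, ReadHistory]:
    """Constructed sample data: member 1 owns r1 and r2, member 2 owns r3."""
    rows = [
        ReadHistory("r1", member_id=1, product_id=100),
        ReadHistory("r2", member_id=1, product_id=101),
        ReadHistory("r3", member_id=2, product_id=200),
    ]
    return {r.record_id: r for r in rows}


def delete_vulnerable(store: dict[str, ReadHistory], ids: list[str]) -> int:
    """The flawed pattern: delete every requested id without checking ownership.

    Equivalent to `DELETE FROM read_history WHERE id IN (...)` with no owner filter.
    Returns the number of records removed.
    """
    deleted = 0
    for rid in ids:
        if store.pop(rid, None) is not None:
            deleted += 1
    return deleted


def delete_scoped(store: dict[str, ReadHistory], current_member_id: int,
                  ids: list[str]) -> tuple[int, list[str]]:
    """The hardened pattern: only records owned by the caller are deleted.

    Equivalent to `DELETE ... WHERE id IN (...) AND member_id = ?`, where the
    member id comes from the session/token, never from the request body.
    Returns (records deleted, ids refused because another member owns them).
    """
    deleted, rejected = 0, []
    for rid in ids:
        rec = store.get(rid)
        if rec is None:
            continue                      # unknown id: nothing to do
        if rec.member_id != current_member_id:
            rejected.append(rid)          # foreign record: refuse and report
            continue
        del store[rid]
        deleted += 1
    return deleted, rejected


if __name__ == "__main__":
    store = sample_store()
    print("vulnerable, member 1 deleting r3:", delete_vulnerable(store, ["r3"]))
    store = sample_store()
    print("scoped, member 1 deleting r1,r3:", delete_scoped(store, 1, ["r1", "r3"]))
```

Returning the refused ids rather than failing the whole request is a design choice: it keeps the endpoint usable for legitimate bulk deletes while giving the application a concrete event to log, which is what the detection section below keys on.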

🧯 If You Can't Patch

  • Implement web application firewall rules to block suspicious delete requests
  • Monitor and alert on unauthorized delete operations to the affected endpoint

🔍 How to Verify

Check if Vulnerable:

Check if running macrozheng mall version 1.0.3 or earlier and test if unauthorized users can delete read history via /member/readHistory/delete endpoint.

Check Version:

Check application configuration files or database for version information.

Verify Fix Applied:

Verify that proper authorization checks are implemented and only authenticated users can delete their own records.

📡 Detection & Monitoring

Log Indicators:

  • Multiple DELETE requests to /member/readHistory/delete from unauthorized users
  • Unusual deletion patterns in user history logs

Network Indicators:

  • HTTP DELETE requests to /member/readHistory/delete with manipulated ids parameter

SIEM Query:

source="web_logs" AND uri="/member/readHistory/delete" AND method="DELETE" AND (user_id NOT IN authorized_users OR status=200)
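Access logs normally do not record who owns a deleted record, so a practical query keys on request shape and rate rather than on ownership. The following added example (not from the page or the project) implements the two log indicators above over constructed log lines: a single request carrying an unusually large ids list, and a burst of delete requests from one member inside a short window. The log format, field names, thresholds and member ids are all assumptions.

```python
"""Detection over constructed access-log lines for /member/readHistory/delete."""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import parse_qs, urlsplit

ENDPOINT = "/member/readHistory/delete"

# Assumed log format: "<iso-timestamp> <client-ip> member=<id> <METHOD> <uri> <status>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) member=(?P<member>\S+) "
    r"(?P<method>[A-Z]+) (?P<target>\S+) (?P<status>\d{3})$"
)


def parse_line(line: str):
    """Return a dict for requests to the delete endpoint, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    if parts.path != ENDPOINT:
        return None
    raw_ids = parse_qs(parts.query).get("ids", [""])[0]
    return {
        "ts": datetime.fromisoformat(m["ts"].replace("Z", "+00:00")),
        "ip": m["ip"],
        "member": m["member"],
        "method": m["method"],
        "status": int(m["status"]),          # kept so 403s can be tracked after the fix
        "ids": [x for x in raw_ids.split(",") if x],
    }


def find_suspicious(lines, max_ids_per_request=20, max_requests_per_window=5,
                    window=timedelta(minutes=5)):
    """Return alerts as (kind, member, count) tuples."""
    events = [e for e in (parse_line(l) for l in lines) if e]
    alerts = []

    # Indicator 1: one request naming far more ids than a user would click through.
    for e in events:
        if len(e["ids"]) > max_ids_per_request:
            alerts.append(("bulk_ids", e["member"], len(e["ids"])))

    # Indicator 2: too many delete requests from one member inside the window
    # (sliding window over timestamps sorted per member).
    by_member = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_member[e["member"]].append(e["ts"])
    for member, times in by_member.items():
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1
            if end - start + 1 > max_requests_per_window:
                alerts.append(("burst", member, end - start + 1))
                break
    return alerts


# Constructed sample log: member 7 bursts six deletes in 2.5 minutes, member 3 sends
# one request with 25 ids, member 9 is an ordinary single delete, plus an unrelated GET.
SAMPLE_LOG = [
    f"2025-11-20T10:0{i // 2}:{'30' if i % 2 else '00'}Z 203.0.113.5 member=7 "
    f"DELETE {ENDPOINT}?ids={100 + i} 200"
    for i in range(6)
] + [
    f"2025-11-20T10:10:00Z 198.51.100.8 member=3 DELETE {ENDPOINT}?ids="
    + ",".join(str(i) for i in range(1, 26)) + " 200",
    f"2025-11-20T10:11:00Z 192.0.2.44 member=9 DELETE {ENDPOINT}?ids=5 200",
    "2025-11-20T10:12:00Z 192.0.2.44 member=9 GET /member/readHistory/list 200",
]

if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_LOG):
        print(alert)
```

Thresholds are the part to tune per deployment; the point of the example is that both indicators can be computed from fields an ordinary access log already has, whereas the "user_id NOT IN authorized_users" clause in the query above needs the application to emit the refused ids (as the hardened handler in the workaround example does) before a SIEM can evaluate it.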

🔗 References
