CVE-2025-2301
📋 TL;DR
This CVE describes an authorization bypass through a user-controlled key (an insecure direct object reference) in Akbim Software Online Exam Registration: the server acts on an identifier supplied in the request, such as a registration or user ID, without checking that the requesting session is entitled to that record. It affects Online Exam Registration installations released before 14.03.2025. An attacker with access to the application could view or modify exam registration data belonging to other users.
💻 Affected Systems
- Akbim Software Online Exam Registration
⚠️ Manual Verification Required
This CVE has no version range in our database, so automatic vulnerability detection cannot determine whether your system is affected.
Why? NVD provides no affected-version ranges for this entry; the vendor advisory identifies the fix by release date (14.03.2025) rather than by version number, so you must check the installed release date manually.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of exam registration system allowing unauthorized viewing, modification, or deletion of sensitive student data, exam schedules, and registration records.
Likely Case
Unauthorized access to view or modify limited exam registration data, potentially affecting data integrity and privacy of student information.
If Mitigated
Limited impact with proper access controls and monitoring, potentially only allowing access to non-sensitive data or triggering security alerts.
🎯 Exploit Status
Exploitation requires an account on the application, since the attacker must be able to send authenticated requests. Once logged in, the attack consists of replacing an identifier in a request (for example the ID of a registration record) with one belonging to another user; the vulnerable server does not validate that the current session owns the referenced record before serving or modifying it.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Version dated 14.03.2025 or later
Vendor Advisory: https://www.usom.gov.tr/bildirim/tr-25-0164
Restart Required: Yes
Instructions:
1. Download the latest version from Akbim Software.
2. Back up the current installation and its data.
3. Install the updated version.
4. Restart the application service.
5. Verify functionality.
🔧 Temporary Workarounds
Implement Additional Authorization Checks
Applies to: all versions. Add server-side validation for every user-controlled identifier: resolve the record, then confirm that the owner matches the principal stored in the server-side session before reading or writing it. Never trust a user ID or role carried in the request.
Network Segmentation
Applies to: all versions. Restrict access to the application to authorized users and networks (VPN or allow-listed source ranges), which limits who can obtain the account needed to exploit the flaw.
🧯 If You Can't Patch
- Implement web application firewall (WAF) rules to detect and block parameter manipulation attempts
- Enable detailed logging and monitoring for unauthorized access attempts to sensitive endpoints
🔍 How to Verify
Check if Vulnerable:
Check the software release date in the application interface or configuration files. If the date is earlier than 14.03.2025, the installation is vulnerable.
Check Version:
Check application interface or configuration files for version information
Verify Fix Applied:
Verify the software version shows 14.03.2025 or later. Test authorization controls by attempting to access resources with manipulated identifiers.
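The following is an added example, not Akbim's code, illustrating both the server-side ownership check recommended under "Implement Additional Authorization Checks" and the differential test described in "Verify Fix Applied". The registration records, field names and the `Forbidden` response are constructed for the example; the real application's endpoints and data model are not known from this page.

```python
"""Added example (not Akbim code): an authorization bypass through a
user-controlled key in a minimal exam-registration handler, the
server-side fix, and the two-account differential check that verifies it.
Record layout and error type are assumptions for the example."""
from dataclasses import dataclass

# Constructed sample data: registration records keyed by ID, each owned by a user.
REGISTRATIONS = {
    101: {"owner": "alice", "exam": "MATH-201", "seat": "A12"},
    102: {"owner": "bob",   "exam": "PHYS-110", "seat": "B03"},
}


class Forbidden(Exception):
    """Raised when the session may not access the requested record."""


@dataclass
class Session:
    user: str  # authenticated principal set at login, never taken from the request


def get_registration_vulnerable(session, registration_id):
    # Vulnerable: trusts the client-supplied key; any logged-in user can read any record.
    record = REGISTRATIONS.get(registration_id)
    if record is None:
        raise Forbidden("registration not found")
    return record


def get_registration_fixed(session, registration_id):
    # Fixed: resolve the record, then check ownership against the server-side session.
    record = REGISTRATIONS.get(registration_id)
    if record is None or record["owner"] != session.user:
        # Same response for "missing" and "not yours" so valid IDs cannot be enumerated.
        raise Forbidden("registration not found")
    return record


def update_seat_fixed(session, registration_id, new_seat):
    # Writes pass through the same ownership check before mutating state.
    record = get_registration_fixed(session, registration_id)
    record["seat"] = new_seat
    return record


def idor_check(handler, own_session, own_id, other_id):
    """Differential test: the handler must serve the caller's own record and
    refuse another user's record. Returns True when authorization holds."""
    try:
        own = handler(own_session, own_id)
    except Forbidden:
        return False  # broken: the user cannot read their own data
    if own["owner"] != own_session.user:
        return False
    try:
        handler(own_session, other_id)
    except Forbidden:
        return True  # correct: cross-user access refused
    return False  # bypass: another user's record was returned


if __name__ == "__main__":
    alice = Session(user="alice")
    print("vulnerable handler passes:", idor_check(get_registration_vulnerable, alice, 101, 102))
    print("fixed handler passes:", idor_check(get_registration_fixed, alice, 101, 102))
```

Against the deployed application the same check is run with two test accounts: log in as the first, request a record you own, then re-send the identical request with the second account's record identifier swapped in. A 200 response carrying the other account's data means the fix is not in place.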
📡 Detection & Monitoring
Log Indicators:
- Unusual access patterns to exam registration endpoints
- Failed authorization attempts followed by successful access
- Requests with manipulated identifier parameters
Network Indicators:
- HTTP requests containing unexpected parameter values for user IDs or resource identifiers
- Unusual traffic patterns to authorization endpoints
SIEM Query (field names are placeholders; map them to your log schema, since most web servers do not emit a ready-made "parameter manipulation" flag):
source="web_app_logs" AND (event_type="authorization_failure" OR parameter_manipulation="true")
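As an added example, not part of the original page, the detector below implements the three log indicators listed above over constructed web-application log lines. The log format, the `/registration/<id>` path and the ownership map exported from the application database are assumptions; the Akbim application's real log layout is not described on this page.

```python
"""Added example (not from the advisory): detection logic for the log
indicators above, run over constructed sample lines. Log format, path
layout and ownership map are assumptions."""
import re
from collections import defaultdict

# Assumed access-log format: ISO time, session, user, method, path, status.
LOG_RE = re.compile(
    r"^(?P<ts>\S+) sess=(?P<sess>\S+) user=(?P<user>\S+) "
    r"(?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3})$"
)
REG_PATH_RE = re.compile(r"^/registration/(?P<id>\d+)")

# Constructed sample: alice uses her own record; mallory (sess s2) walks IDs.
SAMPLE_LOG = """\
2025-03-10T09:14:02Z sess=s1 user=alice GET /registration/101 200
2025-03-10T09:14:05Z sess=s1 user=alice POST /registration/101 200
2025-03-10T09:20:11Z sess=s2 user=mallory GET /registration/102 200
2025-03-10T09:20:12Z sess=s2 user=mallory GET /registration/103 403
2025-03-10T09:20:12Z sess=s2 user=mallory GET /registration/104 403
2025-03-10T09:20:13Z sess=s2 user=mallory GET /registration/105 200
2025-03-10T09:20:14Z sess=s2 user=mallory GET /registration/106 200
2025-03-10T09:20:15Z sess=s2 user=mallory GET /registration/107 200
2025-03-10T09:21:00Z sess=s3 user=bob GET /login 200
"""

# Assumed: registration ID -> owning user, exported from the application database.
OWNER_OF = {101: "alice", 102: "mallory", 103: "bob", 104: "bob",
            105: "carol", 106: "dave", 107: "erin"}

ENUM_THRESHOLD = 4  # distinct registration IDs touched by one session before alerting


def parse_log(text):
    """Parse access-log lines into event dicts; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        ev["status"] = int(ev["status"])
        p = REG_PATH_RE.match(ev["path"])
        ev["reg_id"] = int(p.group("id")) if p else None
        events.append(ev)
    return events


def detect(events, owner_of=OWNER_OF, enum_threshold=ENUM_THRESHOLD):
    """Return (rule, session, detail) findings for the three indicators."""
    findings = []
    per_sess = defaultdict(list)
    for ev in events:
        if ev["reg_id"] is not None:
            per_sess[ev["sess"]].append(ev)
    for sess, evs in per_sess.items():
        user = evs[0]["user"]
        # Rule 1: a 200 on a record the session's user does not own = bypass succeeded.
        for ev in evs:
            owner = owner_of.get(ev["reg_id"])
            if ev["status"] == 200 and owner is not None and owner != user:
                findings.append(("cross_user_success", sess, ev["reg_id"]))
        # Rule 2: identifier enumeration, many distinct IDs from one session.
        ids = {ev["reg_id"] for ev in evs}
        if len(ids) >= enum_threshold:
            findings.append(("id_enumeration", sess, len(ids)))
        # Rule 3: authorization failures followed by a success in the same session.
        seen_403 = False
        for ev in evs:
            if ev["status"] == 403:
                seen_403 = True
            elif seen_403 and ev["status"] == 200:
                findings.append(("failure_then_success", sess, ev["reg_id"]))
                break
    return findings


if __name__ == "__main__":
    for finding in detect(parse_log(SAMPLE_LOG)):
        print(finding)
```

Rule 1 is the only one that confirms a bypass rather than an attempt, and it depends on having the ownership map available to the SIEM; rules 2 and 3 work on the access log alone and are what the SIEM query above approximates.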