CVE-2025-25382
📋 TL;DR
This vulnerability in the Information Kerala Mission SANCHAYA Property Tax Payment Portal allows attackers to modify payment amounts arbitrarily through crafted requests. It affects organizations using SANCHAYA v3.0.4 for tax payment processing. Attackers could manipulate financial transactions without proper validation.
💻 Affected Systems
- Information Kerala Mission SANCHAYA
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Attackers could manipulate tax payment amounts, leading to financial loss, incorrect tax records, and potential legal/compliance issues for affected municipalities.
Likely Case
Unauthorized modification of payment amounts resulting in incorrect tax collection and accounting discrepancies.
If Mitigated
With proper input validation and server-side controls, the vulnerability would be prevented, maintaining transaction integrity.
🎯 Exploit Status
Exploitation requires crafting specific requests to the payment portal endpoint. No public exploit code is available at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v3.0.5 or later
Vendor Advisory: https://github.com/edwin-0990/CVE_ID/blob/main/CVE-2025-25382/README.md
Restart Required: No
Instructions:
1. Contact Information Kerala Mission for the latest patch.
2. Apply the patch to upgrade to v3.0.5 or later.
3. Test the payment portal functionality after patching.
🔧 Temporary Workarounds
Input Validation Enhancement
Implement server-side validation of payment amounts before processing transactions.
Web Application Firewall Rules
Configure the WAF to block requests with suspicious payment amount parameters.
🧯 If You Can't Patch
- Implement strict server-side validation for all payment amount parameters
- Monitor payment transaction logs for unusual amount modifications
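The two handlers below are an added illustration of this workaround, not SANCHAYA code: the first charges whatever amount the request carries (the pattern this CVE describes), the second looks the amount up from the server's own assessment ledger, treats the submitted value only as something to compare, and records a mismatch with the `amount_parameter_modified` field the detection section keys on. The ledger, property ids and field names are constructed for the example.

```python
from decimal import Decimal, InvalidOperation

# Constructed sample assessment ledger (not SANCHAYA data): property id -> tax due.
ASSESSMENTS = {
    "KL-PROP-0001": Decimal("1250.00"),
    "KL-PROP-0002": Decimal("830.50"),
}

# Alert lines collected for the SIEM; field names are assumed, not SANCHAYA's.
ALERTS = []


def pay_trusting_client(form):
    """Vulnerable pattern: the charged amount is whatever the request says."""
    return {"property_id": form["property_id"],
            "charged": Decimal(form["amount"]), "status": "accepted"}


def pay_server_side(form):
    """Hardened pattern: the amount due comes from the ledger. The submitted
    value is compared against it and a mismatch is rejected and logged."""
    pid = form.get("property_id")
    if pid not in ASSESSMENTS:
        return {"property_id": pid, "status": "rejected", "reason": "unknown property"}
    expected = ASSESSMENTS[pid]
    try:
        submitted = Decimal(str(form.get("amount", "")))
    except InvalidOperation:
        submitted = None  # non-numeric or missing amount is treated as tampered
    if submitted != expected:
        ALERTS.append(f'source="payment_portal" property_id={pid} '
                      f'amount_parameter_modified=true submitted={submitted} expected={expected}')
        return {"property_id": pid, "status": "rejected", "reason": "amount mismatch"}
    return {"property_id": pid, "charged": expected, "status": "accepted"}


if __name__ == "__main__":
    tampered = {"property_id": "KL-PROP-0001", "amount": "1.00"}  # constructed request
    print(pay_trusting_client(tampered))   # charged 1.00: the flaw
    print(pay_server_side(tampered))       # rejected, and an alert line is recorded
    print(ALERTS[-1])
```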
🔍 How to Verify
Check if Vulnerable:
Test if payment amount parameters can be modified via crafted requests to the payment portal endpoint.
Check Version:
Check SANCHAYA version in application configuration or admin panel
Verify Fix Applied:
Verify that payment amount parameters are properly validated server-side and cannot be arbitrarily modified.
📡 Detection & Monitoring
Log Indicators:
- Unusual payment amount modifications
- Requests with manipulated payment parameters
Network Indicators:
- HTTP requests to payment endpoints with suspicious amount parameters
SIEM Query:
source="payment_portal" AND (payment_amount_changed=true OR amount_parameter_modified=true)