CVE-2025-55741

8.1 HIGH

📋 TL;DR

This vulnerability allows users without proper delete privileges to bypass access controls and delete products via the mass-delete endpoint in UnoPim. It affects all organizations using UnoPim versions 0.3.0 and earlier, potentially leading to unauthorized data deletion and business disruption.

💻 Affected Systems

Products:
  • UnoPim
Versions: 0.3.0 and earlier
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of UnoPim with the vulnerable versions, regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Malicious or compromised users could delete all products in the system, causing complete data loss, operational disruption, and significant business impact.

🟠

Likely Case

Users with limited privileges could delete products they shouldn't have access to, leading to data integrity issues and potential business process disruption.

🟢

If Mitigated

With proper access controls and monitoring, impact would be limited to isolated incidents that can be quickly detected and remediated.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but minimal technical skill. Public advisory includes demonstration video.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.3.1

Vendor Advisory: https://github.com/unopim/unopim/security/advisories/GHSA-8p2f-fx4q-75cx

Restart Required: Yes

Instructions:

1. Backup your UnoPim database and application files.
2. Update UnoPim to version 0.3.1 via composer: 'composer require unopim/unopim:0.3.1'.
3. Run database migrations if required.
4. Restart your web server and queue workers.

🧯 If You Can't Patch

  • Implement network-level access controls to restrict access to mass-delete endpoints
  • Enable detailed logging and monitoring for all delete operations and implement alerting

🔍 How to Verify

Check if Vulnerable:

Check your UnoPim version via 'composer show unopim/unopim' or check the application's version file. If version is 0.3.0 or earlier, you are vulnerable.

Check Version:

composer show unopim/unopim | grep versions

Verify Fix Applied:

After updating, verify the version is 0.3.1 and test that users without delete privileges cannot access mass-delete functionality.

📡 Detection & Monitoring

Log Indicators:

  • Multiple DELETE requests to mass-delete endpoints from users without delete privileges
  • Unusual patterns of product deletions

Network Indicators:

  • HTTP POST/DELETE requests to /api/products/mass-delete or similar endpoints

SIEM Query:

source="web_logs" AND (uri_path="*mass-delete*" OR uri_path="*bulk-delete*") AND http_method IN ("POST", "DELETE") AND user_role!="admin"
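The SIEM condition above, as an added example that is not part of the advisory or the UnoPim project: it runs the same filter over constructed JSON access-log lines and then aggregates hits per user to surface the "multiple requests" indicator. The field names, the URI paths in the sample and the single privileged role `admin` are assumptions to adapt to your own log schema.

```python
import json
import re
from collections import Counter

# Constructed sample log lines (JSON per line); field names and paths are assumptions.
SAMPLE_LOGS = """
{"ts":"2025-08-01T10:00:01Z","user":"alice","user_role":"admin","http_method":"POST","uri_path":"/admin/catalog/products/mass-delete"}
{"ts":"2025-08-01T10:02:14Z","user":"bob","user_role":"editor","http_method":"POST","uri_path":"/admin/catalog/products/mass-delete"}
{"ts":"2025-08-01T10:02:15Z","user":"bob","user_role":"editor","http_method":"POST","uri_path":"/admin/catalog/products/mass-delete"}
{"ts":"2025-08-01T10:03:40Z","user":"bob","user_role":"editor","http_method":"GET","uri_path":"/admin/catalog/products"}
{"ts":"2025-08-01T10:05:00Z","user":"carol","user_role":"viewer","http_method":"DELETE","uri_path":"/api/products/bulk-delete"}
this line is deliberately malformed and must be skipped
"""

MASS_DELETE_PATH = re.compile(r"(mass|bulk)-delete", re.IGNORECASE)
DELETE_METHODS = {"POST", "DELETE"}
PRIVILEGED_ROLES = {"admin"}  # roles allowed to mass-delete; extend for your deployment


def parse_log_lines(text):
    """Parse JSON-per-line logs, silently skipping malformed or empty lines."""
    events = []
    for line in text.splitlines():
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return events


def is_suspicious_mass_delete(event):
    """Same condition as the SIEM query: POST/DELETE to a mass- or bulk-delete
    path from a user whose role is not in PRIVILEGED_ROLES."""
    return (
        event.get("http_method", "").upper() in DELETE_METHODS
        and MASS_DELETE_PATH.search(event.get("uri_path", "")) is not None
        and event.get("user_role") not in PRIVILEGED_ROLES
    )


def find_suspicious_mass_deletes(text):
    return [e for e in parse_log_lines(text) if is_suspicious_mass_delete(e)]


def users_over_threshold(text, threshold=2):
    """Users with at least `threshold` hits: the 'multiple requests' indicator."""
    counts = Counter(e.get("user", "<unknown>") for e in find_suspicious_mass_deletes(text))
    return sorted(user for user, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    for e in find_suspicious_mass_deletes(SAMPLE_LOGS):
        print(e["ts"], e["user"], e["user_role"], e["http_method"], e["uri_path"])
    print("repeated non-privileged mass-delete attempts:", users_over_threshold(SAMPLE_LOGS))
```

Keying on role mirrors the query; where delete rights are granted through a permission set rather than one admin role, substitute a lookup of the user's actual delete permission for the `PRIVILEGED_ROLES` check.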

🔗 References