Login Sign Up

CVE-2025-5649

5.3 MEDIUM
Authentication Bypass

📋 TL;DR

This critical vulnerability in SourceCodester Student Result Management System 1.0 allows unauthorized privileged user creation through improper access controls in the registration interface. Attackers can remotely exploit this to create administrative accounts and gain full system control. All deployments of version 1.0 are affected.

💻 Affected Systems

Products:
  • SourceCodester Student Result Management System
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.0 are vulnerable by default. No special configuration required.

📦 What is this software?

Student Result Management System by Razormist

View all CVEs affecting Student Result Management System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise where attackers create administrative accounts, access sensitive student data, modify grades, and potentially pivot to other systems.

🟠

Likely Case

Unauthorized administrative account creation leading to data theft, grade manipulation, and potential ransomware deployment.

🟢

If Mitigated

Limited impact with proper network segmentation and monitoring, though the vulnerability still exists.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit available on GitHub. Attack requires no authentication and is simple to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.sourcecodester.com/

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Block Access to Vulnerable Endpoint

all

Restrict access to /admin/core/new_user endpoint using web server configuration or firewall rules.

# Apache: RewriteRule ^/admin/core/new_user - [F]
# Nginx: location ~ ^/admin/core/new_user { deny all; }

Implement Authentication Middleware

all

Add authentication checks to the registration interface to verify user permissions.

🧯 If You Can't Patch

  • Remove system from internet-facing networks immediately
  • Implement strict network segmentation and monitor all access to the vulnerable endpoint

🔍 How to Verify

Check if Vulnerable:

Attempt to access /admin/core/new_user without authentication. If accessible, system is vulnerable.

Check Version:

Check system documentation or admin panel for version information

Verify Fix Applied:

Verify that /admin/core/new_user endpoint requires proper authentication and returns 403/401 for unauthorized requests.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized POST requests to /admin/core/new_user
  • New user creation from unexpected IP addresses
  • Multiple failed authentication attempts followed by successful registration

Network Indicators:

  • HTTP traffic to /admin/core/new_user without authentication headers
  • Unusual spikes in registration requests

SIEM Query:

source="web_server" AND (uri="/admin/core/new_user" AND NOT auth_success="true")

📊 Metadata

CVE ID: CVE-2025-5649
CVSS v3 Score: 5.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CWE: CWE-266
EPSS Score: 0.05% exploit probability (14.3th percentile)
Published: June 5, 2025
Last Updated: June 10, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-5649, you might also want to check these:

CVE-2026-23800 10.0

This vulnerability allows attackers to escalate privileges in Modular DS modular-connector WordPress...

Same vulnerability type (CWE-266)
CVE-2026-23550 10.0

This critical vulnerability in Modular DS allows attackers to escalate privileges due to incorrect p...

Same vulnerability type (CWE-266)
CVE-2025-41115 10.0

A critical vulnerability in Grafana's SCIM provisioning allows malicious SCIM clients to provision u...

Same vulnerability type (CWE-266)