CVE-2025-57130

8.3 HIGH

📋 TL;DR

An incorrect access control vulnerability in ZwiiCMS allows authenticated low-privilege users to escalate privileges by accessing and modifying any user's profile data, including administrators. This affects ZwiiCMS installations up to version 13.6.07. Attackers can compromise administrative accounts and take full control of the CMS.

💻 Affected Systems

Products:
  • ZwiiCMS
Versions: Up to and including v13.6.07
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations with user management enabled are vulnerable. The vulnerability exists in the core user management component.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise where an attacker gains administrative access, modifies all user data, installs backdoors, and potentially accesses underlying server infrastructure.

🟠 Likely Case

Privilege escalation leading to unauthorized data modification, account takeover, and potential lateral movement within the CMS environment.

🟢 If Mitigated

Limited impact with proper network segmentation, strong authentication controls, and monitoring detecting unusual privilege escalation attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but involves simple HTTP request manipulation. The vulnerability is well-documented in security advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v13.6.08 or later

Vendor Advisory: http://zwiicms.com

Restart Required: No

Instructions:

1. Back up your current installation.
2. Download the latest version from the official ZwiiCMS website.
3. Replace all files with the new version, preserving configuration files.
4. Verify the update completed successfully.

🔧 Temporary Workarounds

Temporary Access Restriction

Restrict access to user management endpoints via web server configuration

# For Apache: add to .htaccess (or the site's <Directory> block).
# This blocks the matched scripts for everyone, administrators included,
# so use it only until the patch is applied. Confirm that requests to the
# user-management pages actually hit files matching this pattern; an
# installation that routes every request through a single front controller
# needs a rule on the request path instead.
<FilesMatch "user.*\.php">
    # Apache 2.4 syntax
    Require all denied
    # Apache 2.2 syntax (on 2.4 only with mod_access_compat loaded):
    # Order Deny,Allow
    # Deny from all
</FilesMatch>

# For Nginx: add to the server block (same caveats as above)
location ~ /user.*\.php$ {
    deny all;
}

🧯 If You Can't Patch

  • Implement strict network access controls to limit CMS access to trusted IP addresses only.
  • Enable detailed logging of all user management actions and monitor for unauthorized access attempts.

🔍 How to Verify

Check if Vulnerable:

Check your ZwiiCMS version in the admin panel or by examining the version file. If the version is 13.6.07 or earlier, you are vulnerable.

Check Version:

Check the admin panel dashboard or examine the contents of the /core/version.php file.

Verify Fix Applied:

After updating, verify the version shows 13.6.08 or later. Test that low-privilege users cannot access other user profiles via the user management interface.

📡 Detection & Monitoring

Log Indicators:

  • Unusual user profile modification requests from non-admin accounts
  • Multiple failed privilege escalation attempts
  • User ID parameter manipulation in access logs

Network Indicators:

  • HTTP POST requests to user management endpoints with modified user ID parameters
  • Unusual traffic patterns to /user/ endpoints

SIEM Query:

source="web_access_logs" AND (uri_path="/user/" OR uri_path="/admin/user/") AND user_privilege="low" AND (http_method="POST" OR http_method="PUT")
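As an added example, not part of this advisory or of ZwiiCMS, the Python check below applies the indicators above to constructed application-log events: it flags any POST or PUT to a user-management path in which a non-admin session targets a user ID other than its own, and counts sessions that do so repeatedly. The endpoint layout (/user/, /admin/user/), the id parameter name and the event field names (http_method, uri_path, query, session_user, session_role) are assumptions for illustration and must be mapped to what your CMS or reverse proxy actually logs.

```python
import re
from collections import Counter
from urllib.parse import parse_qs

# Constructed sample events, not real ZwiiCMS logs. Field names are assumed;
# map them to whatever your CMS or reverse proxy actually records.
SAMPLE_EVENTS = [
    {"http_method": "GET", "uri_path": "/user/edit", "query": "id=7", "session_user": "7", "session_role": "member"},
    {"http_method": "POST", "uri_path": "/user/edit", "query": "id=7", "session_user": "7", "session_role": "member"},
    {"http_method": "POST", "uri_path": "/user/edit", "query": "id=1", "session_user": "7", "session_role": "member"},
    {"http_method": "PUT", "uri_path": "/admin/user/edit", "query": "id=2", "session_user": "7", "session_role": "member"},
    {"http_method": "POST", "uri_path": "/admin/user/edit", "query": "id=3", "session_user": "1", "session_role": "admin"},
    {"http_method": "POST", "uri_path": "/user/edit", "query": "id=1", "session_user": "7", "session_role": "member"},
]

USER_MGMT_PATH = re.compile(r"^/(admin/)?user/")   # assumed endpoint layout
MUTATING_METHODS = {"POST", "PUT"}
ID_PARAM = "id"                                     # assumed parameter name

def target_user_id(event):
    """Return the user id the request acts on, or None if the parameter is absent."""
    values = parse_qs(event.get("query", "")).get(ID_PARAM)
    return values[0] if values else None

def is_cross_user_write(event):
    """True for a non-admin session writing to a user-management endpoint for a
    user other than itself: the trace that abuse of this vulnerability leaves."""
    if event["http_method"] not in MUTATING_METHODS:
        return False
    if not USER_MGMT_PATH.match(event["uri_path"]):
        return False
    if event["session_role"] == "admin":
        return False
    target = target_user_id(event)
    return target is not None and target != event["session_user"]

def find_suspicious(events):
    """All events matching the cross-user write pattern, in log order."""
    return [e for e in events if is_cross_user_write(e)]

def repeat_offenders(events, threshold=2):
    """Sessions with at least `threshold` cross-user writes (the 'multiple attempts' indicator)."""
    counts = Counter(e["session_user"] for e in find_suspicious(events))
    return {user: n for user, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    for e in find_suspicious(SAMPLE_EVENTS):
        print(e["session_user"], "->", e["http_method"], e["uri_path"], e["query"])
    print("repeat offenders:", repeat_offenders(SAMPLE_EVENTS))
```

Because a plain web-server access log carries no session identity, this logic belongs at the application or reverse-proxy layer, where the authenticated user and role are known.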
