cnvd - cnvd-2025-24640

CNVD-2025-24640

Vulnerability from cnvd - Published: 2025-10-23

Title

ChurchCRM身份验证错误漏洞

Description

ChurchCRM是ChurchCRM开源的一个为教会打造的开源CRM系统。 ChurchCRM 5.18.0及之前版本存在身份验证错误漏洞，该漏洞源于API Endpoint组件中AuthMiddleware函数缺少身份验证，攻击者可利用该漏洞导致机密性、完整性和可用性受影响。

Severity

高

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://github.com/ChurchCRM/CRM/commit/3a1cffd2aea63d884025949cfbcfd274d06216a4

Reference

https://nvd.nist.gov/vuln/detail/CVE-2025-11529

Impacted products

Name
ChurchCRM ChurchCRM <=5.18.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-11529",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-11529"
    }
  },
  "description": "ChurchCRM\u662fChurchCRM\u5f00\u6e90\u7684\u4e00\u4e2a\u4e3a\u6559\u4f1a\u6253\u9020\u7684\u5f00\u6e90CRM\u7cfb\u7edf\u3002\n\nChurchCRM 5.18.0\u53ca\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eAPI Endpoint\u7ec4\u4ef6\u4e2dAuthMiddleware\u51fd\u6570\u7f3a\u5c11\u8eab\u4efd\u9a8c\u8bc1\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u673a\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u548c\u53ef\u7528\u6027\u53d7\u5f71\u54cd\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://github.com/ChurchCRM/CRM/commit/3a1cffd2aea63d884025949cfbcfd274d06216a4",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-24640",
  "openTime": "2025-10-23",
  "products": {
    "product": "ChurchCRM ChurchCRM \u003c=5.18.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2025-11529",
  "serverity": "\u9ad8",
  "submitTime": "2025-10-21",
  "title": "ChurchCRM\u8eab\u4efd\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2025-11529 (GCVE-0-2025-11529)

Vulnerability from cvelistv5 – Published: 2025-10-09 03:02 – Updated: 2025-10-09 14:33 X_Open Source

Title

ChurchCRM API Endpoint AuthMiddleware.php AuthMiddleware missing authentication

Summary

A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit has been released to the public and may be exploited. The patch is identified as 3a1cffd2aea63d884025949cfbcfd274d06216a4. A patch should be applied to remediate this issue.

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

7.3 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C

CWE

CWE-306 - Missing Authentication
CWE-287 - Improper Authentication

Assigner

VulDB

References

URL

Tags

	https://vuldb.com/?id.327667	vdb-entrytechnical-description
	https://vuldb.com/?ctiid.327667	signaturepermissions-required
	https://vuldb.com/?submit.669916	third-party-advisory
	https://github.com/uartu0/advisories/blob/main/ch…	exploit
	https://github.com/ChurchCRM/CRM/pull/7376	issue-tracking
	https://github.com/ChurchCRM/CRM/commit/3a1cffd2a…	patch

Impacted products

	Vendor	Product	Version
	n/a	ChurchCRM	Affected: 5.0 Affected: 5.1 Affected: 5.2 Affected: 5.3 Affected: 5.4 Affected: 5.5 Affected: 5.6 Affected: 5.7 Affected: 5.8 Affected: 5.9 Affected: 5.10 Affected: 5.11 Affected: 5.12 Affected: 5.13 Affected: 5.14 Affected: 5.15 Affected: 5.16 Affected: 5.17 Affected: 5.18.0

Credits

uartu0 (VulDB User)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-11529",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-09T14:27:36.837070Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-09T14:33:23.789Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/uartu0/advisories/blob/main/churchcrm-api-auth-bypass-2025.md"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "API Endpoint"
          ],
          "product": "ChurchCRM",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "5.0"
            },
            {
              "status": "affected",
              "version": "5.1"
            },
            {
              "status": "affected",
              "version": "5.2"
            },
            {
              "status": "affected",
              "version": "5.3"
            },
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "status": "affected",
              "version": "5.5"
            },
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "status": "affected",
              "version": "5.10"
            },
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "status": "affected",
              "version": "5.13"
            },
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "status": "affected",
              "version": "5.15"
            },
            {
              "status": "affected",
              "version": "5.16"
            },
            {
              "status": "affected",
              "version": "5.17"
            },
            {
              "status": "affected",
              "version": "5.18.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "uartu0 (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit has been released to the public and may be exploited. The patch is identified as 3a1cffd2aea63d884025949cfbcfd274d06216a4. A patch should be applied to remediate this issue."
        },
        {
          "lang": "de",
          "value": "In ChurchCRM up to 5.18.0 ist eine Schwachstelle entdeckt worden. Dabei geht es um die Funktion AuthMiddleware der Datei src/ChurchCRM/Slim/Middleware/AuthMiddleware.php der Komponente API Endpoint. Die Manipulation f\u00fchrt zu missing authentication. Der Angriff l\u00e4sst sich \u00fcber das Netzwerk starten. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden. Der Patch tr\u00e4gt den Namen 3a1cffd2aea63d884025949cfbcfd274d06216a4. Es wird geraten, einen Patch zu installieren, um dieses Problem zu l\u00f6sen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 7.5,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "Missing Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-09T03:02:11.993Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-327667 | ChurchCRM API Endpoint AuthMiddleware.php AuthMiddleware missing authentication",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.327667"
        },
        {
          "name": "VDB-327667 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.327667"
        },
        {
          "name": "Submit #669916 | ChurchCRM ChurchCRM (GitHub: ChurchCRM/CRM) \u003c= 5.18.0 Authentication Bypass / Access Control",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.669916"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/uartu0/advisories/blob/main/churchcrm-api-auth-bypass-2025.md"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/ChurchCRM/CRM/pull/7376"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/ChurchCRM/CRM/commit/3a1cffd2aea63d884025949cfbcfd274d06216a4"
        }
      ],
      "tags": [
        "x_open-source"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-10-08T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-10-08T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-10-08T21:21:17.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "ChurchCRM API Endpoint AuthMiddleware.php AuthMiddleware missing authentication"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-11529",
    "datePublished": "2025-10-09T03:02:11.993Z",
    "dateReserved": "2025-10-08T19:05:38.194Z",
    "dateUpdated": "2025-10-09T14:33:23.789Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2025-24640

CVE-2025-11529 (GCVE-0-2025-11529)

Tags

Sightings

Nomenclature