[Vulnerability Alert] Jinzun Information｜Statistical Database System - Missing Authentication

• Subject: [Vulnerability Alert] Jinzun Information｜Statistical Database System - Missing Authentication

• Content:
  • Forwarded from Taiwan Computer Network Emergency Response Team/Coordination Center TWCERTCC-200-202509-00000011
  • [Jinzun Information｜Statistical Database System - Missing Authentication] (CVE-2025-10452, CVSS: 9.8) The Statistical Database System developed by Jinzun Information has a Missing Authentication vulnerability. An unauthenticated remote attacker can directly read, modify, and delete database content with high privileges.
• Affected Platforms:
  • Statistical Database System versions earlier than 1.0.1 (excluding)
• Recommended Action:
  • Update to version 1.0.1 (inclusive) and later versions
• References:
  • Jinzun Information｜Statistical Database System - Missing Authentication: https://www.twcert.org.tw/tw/cp-132-10379-70d40-1.html

Computer and Communications Center
Network Systems Group