Date Posted: 2025/09/17
[Vulnerability Alert] Jinzun Information|Statistical Database System - Missing Authentication
- Subject: [Vulnerability Alert] Jinzun Information|Statistical Database System - Missing Authentication
- Content:
- Forwarded from Taiwan Computer Network Emergency Response Team/Coordination Center TWCERTCC-200-202509-00000011
- [Jinzun Information|Statistical Database System - Missing Authentication] (CVE-2025-10452, CVSS: 9.8) The Statistical Database System developed by Jinzun Information has a Missing Authentication vulnerability. An unauthenticated remote attacker can directly read, modify, and delete database content with high privileges.
- Affected Platforms:
- Statistical Database System versions earlier than 1.0.1 (excluding)
- Recommended Action:
- Update to version 1.0.1 (inclusive) and later versions
- References:
- Jinzun Information|Statistical Database System - Missing Authentication: https://www.twcert.org.tw/tw/cp-132-10379-70d40-1.html
Computer and Communications Center
Network Systems Group
