Posted Date: 2025/11/12

[Vulnerability Alert] WangYun Information New Site Server has a high-risk security vulnerability (CVE-2025-12868), please confirm and patch as soon as possible

  • Subject: [Vulnerability Alert] WangYun Information New Site Server has a high-risk security vulnerability (CVE-2025-12868), please confirm and patch as soon as possible
  • Content:
    • Forwarded from National Information Security Information Sharing and Analysis Center NISAC-200-202511-00000114
    • Researchers have discovered a Use of Client-Side Authentication vulnerability (CVE-2025-12868) in WangYun Information New Site Server. An unauthenticated remote attacker can modify front-end code to gain website administrator privileges. Please confirm and patch as soon as possible.
  • Affected Platforms:
    • New Site Server
  • Recommended Measures:
    • The official source has released a fix update for the vulnerability; please contact the vendor for the update.
  • References:
    1. https://nvd.nist.gov/vuln/detail/CVE-2025-12868

Computer and Communications Center
Network Systems Group