[Vulnerability Alert] WangYun Information New Site Server has a high-risk security vulnerability (CVE-2025-12868), please confirm and patch as soon as possible

• Subject: [Vulnerability Alert] WangYun Information New Site Server has a high-risk security vulnerability (CVE-2025-12868), please confirm and patch as soon as possible
• Content:
  • Forwarded from National Information Security Information Sharing and Analysis Center NISAC-200-202511-00000114
  • Researchers have discovered a Use of Client-Side Authentication vulnerability (CVE-2025-12868) in WangYun Information New Site Server. An unauthenticated remote attacker can modify front-end code to gain website administrator privileges. Please confirm and patch as soon as possible.
• Affected Platforms:
  • New Site Server
• Recommended Measures:
  • The official source has released a fix update for the vulnerability; please contact the vendor for the update.
• References:
  1. https://nvd.nist.gov/vuln/detail/CVE-2025-12868

Computer and Communications Center
Network Systems Group