CVE-2025-25282

🗓️ 21 Feb 2025 21:04:34Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 82 Views🌐 WEB

Authenticated users can exploit IDOR vulnerability in RAGFlow for unauthorized cross-tenant access.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-25282	21 Feb 202523:31	–	circl
CNNVD	RAGFlow 安全漏洞	21 Feb 202500:00	–	cnnvd
Cvelist	CVE-2025-25282 Potential Insecure Direct Object Reference (IDOR) vulnerability in ragflow	21 Feb 202521:04	–	cvelist
EUVD	EUVD-2025-5080	3 Oct 202520:07	–	euvd
NVD	CVE-2025-25282	21 Feb 202521:15	–	nvd
OSV	CVE-2025-25282 Potential Insecure Direct Object Reference (IDOR) vulnerability in ragflow	21 Feb 202521:04	–	osv
Positive Technologies	PT-2025-7554 · Ragflow · Ragflow	21 Feb 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-25282	23 Feb 202521:22	–	redhatcve
Vulnrichment	CVE-2025-25282 Potential Insecure Direct Object Reference (IDOR) vulnerability in ragflow	21 Feb 202521:04	–	vulnrichment

NVD

Vulners

Node

infiniflow ragflowRange0.13.0–0.14.1

[
  {
    "vendor": "infiniflow",
    "product": "ragflow",
    "versions": [
      {
        "version": "<= 0.13.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/infiniflow/ragflow/security/advisories/GHSA-wc5v-g79p-7hch

Parameter	Position	Path	Description	CWE
<tenant_id>	path	/<tenant_id>/user/list	Insecure Direct Object Reference allows listing users across tenants by manipulating tenant_id in the path.	CWE-639
<tenant_id>	path	/<tenant_id>/user	IDOR allows adding user to another tenant by manipulating tenant_id in the path; request body may carry user data.	CWE-639
body	path	/<tenant_id>/user	IDOR allows adding user to another tenant by manipulating tenant_id in the path; request body may carry user data.	CWE-639

16 Jul 2025 14:24Current

6.8Medium risk

Vulners AI Score6.8

CVSS 38.1

EPSS0.00174

SSVC

CWE-639