CVE-2023-7325 Mingyu Operations and Maintenance Audit and Risk Control System xmlrpc.sock SSRF

🗓️ 30 Oct 2025 21:17:54Reported by VulnCheckType

SSRF in xmlrpc.sock of Mingyu Operations and Maintenance Audit and Risk Control System enables internal unix socket RPC to create arbitrary user accounts.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2023-7325	30 Oct 202522:02	–	circl
CNNVD	Anheng Mingyu Operations and Maintenance Audit and Risk Control System 安全漏洞	30 Oct 202500:00	–	cnnvd
CVE	CVE-2023-7325	30 Oct 202521:17	–	cve
EUVD	EUVD-2023-60054	31 Oct 202500:30	–	euvd
NVD	CVE-2023-7325	30 Oct 202522:15	–	nvd
Positive Technologies	PT-2025-44460	30 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2023-7325	31 Oct 202522:07	–	redhatcve
VulnCheck KEV	VulnCheck KEV: CVE-2023-7325	30 Oct 202500:00	–	vulncheck_kev
Vulnrichment	CVE-2023-7325 Mingyu Operations and Maintenance Audit and Risk Control System xmlrpc.sock SSRF	30 Oct 202521:17	–	vulnrichment

[
  {
    "defaultStatus": "unknown",
    "modules": [
      "xmlrpc.sock endpoint (XML-RPC over unix socket handler)"
    ],
    "product": "Mingyu Operations and Maintenance Audit and Risk Control System",
    "vendor": "Anheng Information (Hangzhou DBAPP Security Information Technology Co., Ltd.)",
    "versions": [
      {
        "lessThan": "2023-08-10",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
vulncheck	www.vulncheck.com/advisories/mingyu-operations-and-maintenance-audit-and-risk-control-system-xmirpc-sock-ssrf
github	www.github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/iot/%E5%AE%89%E6%81%92/%E5%AE%89%E6%81%92%20%E6%98%8E%E5%BE%A1%E8%BF%90%E7%BB%B4%E5%AE%A1%E8%AE%A1%E4%B8%8E%E9%A3%8E%E9%99%A9%E6%8E%A7%E5%88%B6%E7%B3%BB%E7%BB%9F%20xmlrpc.sock%20%E4%BB%BB%E6%84%8F%E7%94%A8%E6%88%B7%E6%B7%BB%E5%8A%A0%E6%BC%8F%E6%B4%9E.md
cn-sec	www.cn-sec.com/archives/1947658.html

31 Oct 2025 14:03Current

CVSS 49.3

EPSS0.00059