CVE-2025-9514 MEDIUM

CVE-2025-9514: macrozheng mall Registration weak password

Vendor Macrozheng
Product mall
Weakness CWE-521
Published August 27, 2025
Last update August 27, 2025

CVSS base score

6.3/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X

What the vulnerability does

01Description

A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is said to be difficult. The vendor deleted the GitHub issue for this vulnerability without and explanation.

Key dates

02Disclosure timeline

August 27, 2025 CVE published
August 27, 2025 Record updated