CVE-2025-10277 | YunaiV yudao-cloud up to 2025.09 /crm/receivable/submit ID improper authorization

A vulnerability categorized as critical has been discovered in YunaiV yudao-cloud up to 2025.09. This issue affects some unknown processing of the file /crm/receivable/submit. The manipulation of the argument ID results in improper authorization.

This vulnerability is identified as CVE-2025-10277. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More