{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-9474", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-08-25T15:08:19.362Z", "datePublished": "2025-08-26T05:02:09.404Z", "dateUpdated": "2025-09-05T17:10:11.510Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-26T05:02:09.404Z"}, "title": "Mihomo Party Socket sysproxy.ts enableSysProxy temp file", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-378", "lang": "en", "description": "Creation of Temporary File With Insecure Permissions"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-377", "lang": "en", "description": "Insecure Temporary File"}]}], "affected": [{"vendor": "Mihomo", "product": "Party", "versions": [{"version": "1.8.0", "status": "affected"}, {"version": "1.8.1", "status": "affected"}], "modules": ["Socket Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit is now public and may be used."}, {"lang": "de", "value": "In Mihomo Party bis 1.8.1 auf macOS ist eine Schwachstelle entdeckt worden. Betroffen ist die Funktion enableSysProxy der Datei src/main/sys/sysproxy.ts der Komponente Socket Handler. Dank Manipulation mit unbekannten Daten kann eine creation of temporary file with insecure permissions-Schwachstelle ausgenutzt werden. Der Angriff muss auf lokaler Ebene erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 2, "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "LOW"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.5, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.5, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 3.5, "vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2025-08-25T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-08-25T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-08-25T19:44:50.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "SwayZGl1tZyyy (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "SwayZGl1tZyyy (VulDB User)", "type": "analyst"}], "references": [{"url": "https://vuldb.com/?id.321343", "name": "VDB-321343 | Mihomo Party Socket sysproxy.ts enableSysProxy temp file", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.321343", "name": "VDB-321343 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.634656", "name": "Submit #634656 | mihomo-party-org mihomo-party 1.8.1 Local privilege abuse via unprotected UNIX socket in Mihomo Part", "tags": ["third-party-advisory"]}, {"url": "https://github.com/SwayZGl1tZyyy/n-days/blob/main/mihomo-party/README.md", "tags": ["related"]}, {"url": "https://github.com/SwayZGl1tZyyy/n-days/blob/main/mihomo-party/README.md#proof-of-concept-1", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-26T15:45:28.714687Z", "id": "CVE-2025-9474", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-05T17:10:11.510Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9474", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-26T15:45:28.714687Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-26T15:45:35.333Z"}}], "cna": {"title": "Mihomo Party Socket sysproxy.ts enableSysProxy temp file", "credits": [{"lang": "en", "type": "reporter", "value": "SwayZGl1tZyyy (VulDB User)"}, {"lang": "en", "type": "analyst", "value": "SwayZGl1tZyyy (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 2, "baseSeverity": "LOW", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 3.5, "vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "Mihomo", "modules": ["Socket Handler"], "product": "Party", "versions": [{"status": "affected", "version": "1.8.0"}, {"status": "affected", "version": "1.8.1"}]}], "timeline": [{"lang": "en", "time": "2025-08-25T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-08-25T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-08-25T19:44:50.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.321343", "name": "VDB-321343 | Mihomo Party Socket sysproxy.ts enableSysProxy temp file", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.321343", "name": "VDB-321343 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.634656", "name": "Submit #634656 | mihomo-party-org mihomo-party 1.8.1 Local privilege abuse via unprotected UNIX socket in Mihomo Part", "tags": ["third-party-advisory"]}, {"url": "https://github.com/SwayZGl1tZyyy/n-days/blob/main/mihomo-party/README.md", "tags": ["related"]}, {"url": "https://github.com/SwayZGl1tZyyy/n-days/blob/main/mihomo-party/README.md#proof-of-concept-1", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit is now public and may be used."}, {"lang": "de", "value": "In Mihomo Party bis 1.8.1 auf macOS ist eine Schwachstelle entdeckt worden. Betroffen ist die Funktion enableSysProxy der Datei src/main/sys/sysproxy.ts der Komponente Socket Handler. Dank Manipulation mit unbekannten Daten kann eine creation of temporary file with insecure permissions-Schwachstelle ausgenutzt werden. Der Angriff muss auf lokaler Ebene erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit ist \u00f6ffentlich verf\u00fcgbar und k\u00f6nnte genutzt werden."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-378", "description": "Creation of Temporary File With Insecure Permissions"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-377", "description": "Insecure Temporary File"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-26T05:02:09.404Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9474", "state": "PUBLISHED", "dateUpdated": "2025-09-05T17:10:11.510Z", "dateReserved": "2025-08-25T15:08:19.362Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-08-26T05:02:09.404Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit is now public and may be used."}, {"lang": "es", "value": "Se detect\u00f3 una vulnerabilidad en Mihomo Party hasta la versi\u00f3n 1.8.1 en macOS. La funci\u00f3n enableSysProxy del archivo src/main/sys/sysproxy.ts del componente Socket Handler se ve afectada. La manipulaci\u00f3n da como resultado la creaci\u00f3n de un archivo temporal con permisos inseguros. El ataque requiere un enfoque local. Es un ataque de complejidad bastante alta. Parece dif\u00edcil de explotar. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."}], "id": "CVE-2025-9474", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 1.5, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 1.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-08-26T05:15:33.173", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/SwayZGl1tZyyy/n-days/blob/main/mihomo-party/README.md"}, {"source": "cna@vuldb.com", "url": "https://github.com/SwayZGl1tZyyy/n-days/blob/main/mihomo-party/README.md#proof-of-concept-1"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.321343"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.321343"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.634656"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-377"}, {"lang": "en", "value": "CWE-378"}], "source": "cna@vuldb.com", "type": "Secondary"}]}

{}

{"created": "2025-08-27T11:21:39.510505+00:00", "updated": "2025-08-27T11:21:39.510565+00:00", "vendors": ["apple", "apple$PRODUCT$macos"]}