Yeqifu Warehouse Improper Authorization Vulnerability in User Management Endpoint

Vulnerability

A vulnerability exists in Yeqifu Warehouse versions up to commit aaf29962ba407d22d991781de28796ee7b4670e4, specifically within the User Management Endpoint. The issue arises in the UserController.java file, particularly in the addUser, updateUser, and deleteUser functions. These handlers perform no authorization check beyond requiring a session, so any logged-in user can create, modify, or delete user accounts. Such actions could lead to account takeover, the creation of backdoor accounts, and denial of service by removing legitimate users.

Impact

Exploitation of this vulnerability allows for improper authorization, enabling unauthorized users to perform user account management actions such as creating, updating, or deleting accounts. This could result in account takeover, unauthorized access to user privileges, and disruption of service by removing legitimate users.

Reproduction

To reproduce this vulnerability, log in as a user with low privileges. Once logged in, send a request to the deleteUser endpoint, targeting an admin user. The request will be processed successfully, and the admin user will be deleted.
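The following is an added illustration, not code from the Yeqifu Warehouse project, of the flaw class described above in a Spring MVC controller: one handler gates deletion on authentication alone (the advisory's pattern), the other adds an explicit server-side role check. The SessionUser type, the "currentUser" session attribute, the UserService interface and the route paths are assumptions; the same check belongs in addUser and updateUser.

```java
import javax.servlet.http.HttpSession;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/user")
public class UserAdminController {

    // Hypothetical session principal and service; not the project's own types.
    public static class SessionUser {
        public final long id;
        public final String role; // assumed values: "ADMIN" or "USER"
        public SessionUser(long id, String role) { this.id = id; this.role = role; }
    }
    public interface UserService { void delete(long userId); }

    private final UserService userService;
    public UserAdminController(UserService userService) { this.userService = userService; }

    // Vulnerable pattern: being logged in is the only gate, so any account
    // reaches the state-changing call. This is the flaw the advisory describes.
    @DeleteMapping("/vulnerable/{id}")
    public ResponseEntity<String> deleteUserVulnerable(@PathVariable long id, HttpSession session) {
        if (session.getAttribute("currentUser") == null) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("login required");
        }
        userService.delete(id);
        return ResponseEntity.ok("deleted");
    }

    // Hardened pattern: authentication and authorization are separate decisions,
    // both taken from server-held session state, before anything is modified.
    @DeleteMapping("/{id}")
    public ResponseEntity<String> deleteUser(@PathVariable long id, HttpSession session) {
        SessionUser caller = (SessionUser) session.getAttribute("currentUser");
        if (caller == null) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("login required");
        }
        if (!"ADMIN".equals(caller.role)) {
            // A 403 here (and an audit log entry) is the detection signal for abuse attempts.
            return ResponseEntity.status(HttpStatus.FORBIDDEN).body("admin role required");
        }
        userService.delete(id);
        return ResponseEntity.ok("deleted");
    }
}
```

Enforcing the role at a central filter or with Spring Security method annotations instead of per handler avoids the situation where one of the three endpoints is fixed and the others are forgotten.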

Added: Feb 7, 2026, 7:18 AM
Updated: Feb 7, 2026, 7:18 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.6
exploitability: 6.6
remediation: 0.0
relevance: 2.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.