Use of Client-Side Authentication Vulnerability in CyberTutor's New Site Server
CVE-2025-12868

9.3CRITICAL

Key Information:

Vendor: Cybertutor
Status: New Site Server
Vendor: CVE Published:; 10 November 2025

What is CVE-2025-12868?

The New Site Server developed by CyberTutor is susceptible to a client-side authentication vulnerability that enables unauthorized remote attackers to manipulate the frontend code. By doing so, they can gain elevated administrator privileges on the affected website, potentially compromising the integrity and security of the site. This vulnerability highlights the importance of secure coding practices and robust authentication mechanisms to mitigate unauthorized access risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

New Site Server 0

References

https://www.twcert.org.tw/tw/cp-132-10493-bf807-1.html

third-party-advisory

https://www.twcert.org.tw/en/cp-139-10492-84a10-2.html

third-party-advisory

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Nov 10, 2025
Vulnerability Reserved
Nov 7, 2025

JSON

Cybertutor

What is CVE-2025-12868?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.