CVE-2025-7552 – Dromara Northstar Path AuthorizationInterceptor.java preHandle access control

https://notcve.org/view.php?id=CVE-2025-7552

13 Jul 2025 — A vulnerability was found in Dromara Northstar up to 7.3.5. It has been rated as critical. Affected by this issue is the function preHandle of the file northstar-main/src/main/java/org/dromara/northstar/web/interceptor/AuthorizationInterceptor.java of the component Path Handler. The manipulation of the argument Request leads to improper access controls. The attack may be launched remotely. • https://gitee.com/dromara/northstar/commit/8d521bbf531de59b09b8629a9cbf667870ad2541 • CWE-266: Incorrect Privilege Assignment CWE-284: Improper Access Control •