CVE-2025-1796

Опубликовано: 20 мар. 2025

Источник: nvd

CVSS3: 7.5

CVSS3: 8.8

EPSS Низкий

Описание

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator (PRNG) used for generating password reset codes. The application uses random.randint for this purpose, which is not suitable for cryptographic use and can be cracked. An attacker with access to workflow tools can extract the PRNG output and predict future password reset codes, leading to a complete compromise of the application.

Ссылки

https://huntr.com/bounties/a60f3039-5394-4e22-8de7-a7da9c6a6e00
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:langgenius:dify:0.10.1:*:*:*:*:node.js:*:*

EPSS

Процентиль: 32%

0.00127

Низкий

7.5 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-338

Связанные уязвимости

GHSA-cvg9-334x-w586

CVSS3: 7.5

github

11 месяцев назад

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator (PRNG) used for generating password reset codes. The application uses `random.randint` for this purpose, which is not suitable for cryptographic use and can be cracked. An attacker with access to workflow tools can extract the PRNG output and predict future password reset codes, leading to a complete compromise of the application.

EPSS

Процентиль: 32%

0.00127

Низкий

7.5 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-338