CVE-2025-2746

Опубликовано: 24 мар. 2025

Источник: nvd

CVSS3: 9.8

EPSS Высокий

Описание

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through 13.0.172.

Ссылки

https://devnet.kentico.com/download/hotfixes
Patch
https://github.com/watchtowrlabs/kentico-xperience13-AuthBypass-wt-2025-0011
Third Party Advisory
https://labs.watchtowr.com/bypassing-authentication-like-its-the-90s-pre-auth-rce-chain-s-in-kentico-xperience-cms/
Exploit
Third Party Advisory
https://www.vulncheck.com/advisories/kentico-xperience-staging-sync-server-digest-password-authentication-bypass
Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-2746
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kentico:xperience:*:*:*:*:*:*:*:*

Версия до 13.0.172 (включая)

EPSS

Процентиль: 99%

0.87412

Высокий

9.8 Critical

CVSS3

Дефекты

CWE-288

Связанные уязвимости

GHSA-h4vh-mhxh-6rrr