CVE-2025-1796

Exploit

EPSS 0.06%
Published 20.03.2025 10:08:46
Last modified 16.07.2025 15:15:54
Source security@huntr.dev
Teams watchlist Login
Open Login

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator (PRNG) used for generating password reset codes. The application uses `random.randint` for this purpose, which is not suitable for cryptographic use and can be cracked. An attacker with access to workflow tools can extract the PRNG output and predict future password reset codes, leading to a complete compromise of the application.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Langgenius ≫ Dify Version0.10.1 SwPlatformnode.js

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.19

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security@huntr.dev	7.5	1.6	5.9	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

https://huntr.com/bounties/a60f3039-5394-4e22-8de7-a7da9c6a6e00

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-1796

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-1796

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-1796

EUVD