CVE-2025-1796

Exploit

EPSS 0.06%
Veröffentlicht 20.03.2025 10:08:46
Zuletzt bearbeitet 16.07.2025 15:15:54
Quelle security@huntr.dev
Teams Watchlist Login
Unerledigt Login

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator (PRNG) used for generating password reset codes. The application uses `random.randint` for this purpose, which is not suitable for cryptographic use and can be cracked. An attacker with access to workflow tools can extract the PRNG output and predict future password reset codes, leading to a complete compromise of the application.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Langgenius ≫ Dify Version0.10.1 SwPlatformnode.js

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.19

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security@huntr.dev	7.5	1.6	5.9	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.

https://huntr.com/bounties/a60f3039-5394-4e22-8de7-a7da9c6a6e00

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-1796

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-1796

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-1796

EUVD