Common Weakness Enumeration

CWE-321

Allowed

Use of Hard-coded Cryptographic Key

Abstraction: Variant · Status: Draft

The product uses a hard-coded, unchangeable cryptographic key.

503 vulnerabilities reference this CWE, most recent first.

CVE-2025-15016 (GCVE-0-2025-15016)

Vulnerability from cvelistv5 – Published: 2025-12-22 03:27 – Updated: 2025-12-22 14:43
VLAI
Title
Ragic|Enterprise Cloud Database - Hard-coded Cryptographic Key
Summary
Enterprise Cloud Database developed by Ragic has a Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information and log into the system as any user.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
Impacted products
Date Public
2025-12-22 03:25
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-15016",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-22T14:42:08.668678Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-22T14:43:27.232Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Enterprise Cloud Database",
          "vendor": "Ragic",
          "versions": [
            {
              "status": "affected",
              "version": "0"
            }
          ]
        }
      ],
      "datePublic": "2025-12-22T03:25:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Enterprise Cloud Database developed by Ragic has a Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information and log into the system as any user."
            }
          ],
          "value": "Enterprise Cloud Database developed by Ragic has a Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information and log into the system as any user."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-37",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-37 Retrieve Embedded Sensitive Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-22T03:27:57.769Z",
        "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "shortName": "twcert"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/tw/cp-132-10587-797c6-1.html"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.twcert.org.tw/en/cp-139-10588-771e5-2.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Contact the vendor to Install the patch."
            }
          ],
          "value": "Contact the vendor to Install the patch."
        }
      ],
      "source": {
        "advisory": "TVN-202512007",
        "discovery": "EXTERNAL"
      },
      "title": "Ragic\uff5cEnterprise Cloud Database - Hard-coded Cryptographic Key",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
    "assignerShortName": "twcert",
    "cveId": "CVE-2025-15016",
    "datePublished": "2025-12-22T03:27:57.769Z",
    "dateReserved": "2025-12-22T01:45:24.328Z",
    "dateUpdated": "2025-12-22T14:43:27.232Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-15005 (GCVE-0-2025-15005)

Vulnerability from cvelistv5 – Published: 2025-12-22 00:32 – Updated: 2026-02-24 06:01
VLAI
Title
CouchCMS reCAPTCHA config.example.php hard-coded key
Summary
A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument K_RECAPTCHA_SITE_KEY/K_RECAPTCHA_SECRET_KEY results in use of hard-coded cryptographic key . It is possible to launch the attack remotely. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit has been released to the public and may be used for attacks.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-320 - Key Management Error
Assigner
References
Impacted products
Vendor Product Version
n/a CouchCMS Affected: 2.0
Affected: 2.1
Affected: 2.2
Affected: 2.3
Affected: 2.4
    cpe:2.3:a:couchcms:couchcms:*:*:*:*:*:*:*:*
Credits
hiro (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-15005",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-22T15:12:23.153843Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-22T15:12:32.269Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:couchcms:couchcms:*:*:*:*:*:*:*:*"
          ],
          "modules": [
            "reCAPTCHA Handler"
          ],
          "product": "CouchCMS",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2.0"
            },
            {
              "status": "affected",
              "version": "2.1"
            },
            {
              "status": "affected",
              "version": "2.2"
            },
            {
              "status": "affected",
              "version": "2.3"
            },
            {
              "status": "affected",
              "version": "2.4"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "hiro (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security flaw has been discovered in CouchCMS up to 2.4. Affected is an unknown function of the file couch/config.example.php of the component reCAPTCHA Handler. The manipulation of the argument K_RECAPTCHA_SITE_KEY/K_RECAPTCHA_SECRET_KEY results in use of hard-coded cryptographic key\r . It is possible to launch the attack remotely. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit has been released to the public and may be used for attacks."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "Key Management Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-24T06:01:34.995Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-337711 | CouchCMS reCAPTCHA config.example.php hard-coded key",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.337711"
        },
        {
          "name": "VDB-337711 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.337711"
        },
        {
          "name": "Submit #718998 | https://github.com/CouchCMS/CouchCMS \u2264 2.4 Use of Hard-coded Cryptographic Key",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.718998"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://note-hxlab.wetolink.com/share/jNNcrdrNyCvl"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://note-hxlab.wetolink.com/share/jNNcrdrNyCvl#-span--strong-proof-of-concept---strong---span-"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-21T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-12-21T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-12-31T19:00:54.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "CouchCMS reCAPTCHA config.example.php hard-coded key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-15005",
    "datePublished": "2025-12-22T00:32:07.346Z",
    "dateReserved": "2025-12-21T12:42:54.446Z",
    "dateUpdated": "2026-02-24T06:01:34.995Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14923 (GCVE-0-2025-14923)

Vulnerability from cvelistv5 – Published: 2026-03-03 19:47 – Updated: 2026-03-04 21:13
VLAI
Title
IBM WebSphere Application Server Liberty could provide weaker than expected security
Summary
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administering security settings.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
ibm
References
URL Tags
https://www.ibm.com/support/pages/node/7261761 vendor-advisorypatch
Impacted products
Vendor Product Version
IBM WebSphere Application Server - Liberty Affected: 17.0.0.3 , ≤ 26.0.0.2 (semver)
    cpe:2.3:a:ibm:websphere_application_server___liberty:17.0.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_application_server___liberty:26.0.0.2:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14923",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-04T21:13:05.434821Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-04T21:13:18.388Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:websphere_application_server___liberty:17.0.0.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:websphere_application_server___liberty:26.0.0.2:*:*:*:*:*:*:*"
          ],
          "product": "WebSphere Application Server - Liberty",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "26.0.0.2",
              "status": "affected",
              "version": "17.0.0.3",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administering security settings.\u003c/p\u003e"
            }
          ],
          "value": "IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administering security settings."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-03T19:47:25.423Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7261761"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH69658. For IBM WebSphere Application Server Liberty 17.0.0.3 - 26.0.0.2: \u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH69658 --OR-- \u00b7 Apply Liberty Fix Pack 26.0.0.3 or later (targeted availability 1Q2026). Additional interim fixes may be available and linked off the interim fix download page.\u003c/p\u003e"
            }
          ],
          "value": "IBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the fix for APAR PH69658. For IBM WebSphere Application Server Liberty 17.0.0.3 - 26.0.0.2: \u00b7 Upgrade to minimal fix pack levels as required by the interim fix and then apply the Interim Fix that resolves PH69658 --OR-- \u00b7 Apply Liberty Fix Pack 26.0.0.3 or later (targeted availability 1Q2026). Additional interim fixes may be available and linked off the interim fix download page."
        }
      ],
      "title": "IBM WebSphere Application Server Liberty could provide weaker than expected security",
      "x_generator": {
        "engine": "ibm-cvegen"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2025-14923",
    "datePublished": "2026-03-03T19:47:25.423Z",
    "dateReserved": "2025-12-18T20:46:47.275Z",
    "dateUpdated": "2026-03-04T21:13:18.388Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-14651 (GCVE-0-2025-14651)

Vulnerability from cvelistv5 – Published: 2025-12-14 08:32 – Updated: 2025-12-15 21:23
VLAI
Title
MartialBE one-hub docker-compose.yml hard-coded key
Summary
A vulnerability has been found in MartialBE one-hub up to 0.14.27. This vulnerability affects unknown code of the file docker-compose.yml. The manipulation of the argument SESSION_SECRET leads to use of hard-coded cryptographic key . The attack may be initiated remotely. The complexity of an attack is rather high. It is stated that the exploitability is difficult. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. The code maintainer recommends (translated from Chinese): "The default docker-compose example file is not recommended for production use. If you intend to use it in production, please carefully check and modify every configuration and environment variable yourself!"
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-320 - Key Management Error
Assigner
Impacted products
Vendor Product Version
MartialBE one-hub Affected: 0.14.0
Affected: 0.14.1
Affected: 0.14.2
Affected: 0.14.3
Affected: 0.14.4
Affected: 0.14.5
Affected: 0.14.6
Affected: 0.14.7
Affected: 0.14.8
Affected: 0.14.9
Affected: 0.14.10
Affected: 0.14.11
Affected: 0.14.12
Affected: 0.14.13
Affected: 0.14.14
Affected: 0.14.15
Affected: 0.14.16
Affected: 0.14.17
Affected: 0.14.18
Affected: 0.14.19
Affected: 0.14.20
Affected: 0.14.21
Affected: 0.14.22
Affected: 0.14.23
Affected: 0.14.24
Affected: 0.14.25
Affected: 0.14.26
Affected: 0.14.27
Create a notification for this product.
Credits
28Hus (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-14651",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-15T21:23:07.157667Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-15T21:23:27.290Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "one-hub",
          "vendor": "MartialBE",
          "versions": [
            {
              "status": "affected",
              "version": "0.14.0"
            },
            {
              "status": "affected",
              "version": "0.14.1"
            },
            {
              "status": "affected",
              "version": "0.14.2"
            },
            {
              "status": "affected",
              "version": "0.14.3"
            },
            {
              "status": "affected",
              "version": "0.14.4"
            },
            {
              "status": "affected",
              "version": "0.14.5"
            },
            {
              "status": "affected",
              "version": "0.14.6"
            },
            {
              "status": "affected",
              "version": "0.14.7"
            },
            {
              "status": "affected",
              "version": "0.14.8"
            },
            {
              "status": "affected",
              "version": "0.14.9"
            },
            {
              "status": "affected",
              "version": "0.14.10"
            },
            {
              "status": "affected",
              "version": "0.14.11"
            },
            {
              "status": "affected",
              "version": "0.14.12"
            },
            {
              "status": "affected",
              "version": "0.14.13"
            },
            {
              "status": "affected",
              "version": "0.14.14"
            },
            {
              "status": "affected",
              "version": "0.14.15"
            },
            {
              "status": "affected",
              "version": "0.14.16"
            },
            {
              "status": "affected",
              "version": "0.14.17"
            },
            {
              "status": "affected",
              "version": "0.14.18"
            },
            {
              "status": "affected",
              "version": "0.14.19"
            },
            {
              "status": "affected",
              "version": "0.14.20"
            },
            {
              "status": "affected",
              "version": "0.14.21"
            },
            {
              "status": "affected",
              "version": "0.14.22"
            },
            {
              "status": "affected",
              "version": "0.14.23"
            },
            {
              "status": "affected",
              "version": "0.14.24"
            },
            {
              "status": "affected",
              "version": "0.14.25"
            },
            {
              "status": "affected",
              "version": "0.14.26"
            },
            {
              "status": "affected",
              "version": "0.14.27"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "28Hus (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been found in MartialBE one-hub up to 0.14.27. This vulnerability affects unknown code of the file docker-compose.yml. The manipulation of the argument SESSION_SECRET leads to use of hard-coded cryptographic key\r . The attack may be initiated remotely. The complexity of an attack is rather high. It is stated that the exploitability is difficult. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. The code maintainer recommends (translated from Chinese): \"The default docker-compose example file is not recommended for production use. If you intend to use it in production, please carefully check and modify every configuration and environment variable yourself!\""
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:W/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:W/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "Key Management Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-14T08:32:06.896Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-336384 | MartialBE one-hub docker-compose.yml hard-coded key",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.336384"
        },
        {
          "name": "VDB-336384 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.336384"
        },
        {
          "name": "Submit #710249 | https://github.com/MartialBE https://github.com/MartialBE/one-hub \u2264 v0.14.27 Authentication Bypass by Primary Weakness",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.710249"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/MartialBE/one-hub/issues/872"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/MartialBE/one-hub/issues/872#issuecomment-3616033169"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/MartialBE/one-hub/blob/main/docker-compose.yml#L15C24-L15C38"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-13T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-12-13T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-12-13T10:20:22.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "MartialBE one-hub docker-compose.yml hard-coded key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-14651",
    "datePublished": "2025-12-14T08:32:06.896Z",
    "dateReserved": "2025-12-13T09:14:28.307Z",
    "dateUpdated": "2025-12-15T21:23:27.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-13948 (GCVE-0-2025-13948)

Vulnerability from cvelistv5 – Published: 2025-12-03 14:32 – Updated: 2025-12-03 21:24
VLAI
Title
opsre go-ldap-admin JWT docker-compose.yaml hard-coded key
Summary
A vulnerability was determined in opsre go-ldap-admin up to 20251011. This issue affects some unknown processing of the file docs/docker-compose/docker-compose.yaml of the component JWT Handler. Executing manipulation of the argument secret key can lead to use of hard-coded cryptographic key . The attack can be launched remotely. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-320 - Key Management Error
Assigner
References
URL Tags
https://vuldb.com/?id.334163 vdb-entrytechnical-description
https://vuldb.com/?ctiid.334163 signaturepermissions-required
https://vuldb.com/?submit.692213 third-party-advisory
https://gist.github.com/H2u8s/a51ac1fe38d62746d14… exploit
Impacted products
Vendor Product Version
opsre go-ldap-admin Affected: 20251011
Create a notification for this product.
Credits
28Hus (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-13948",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-03T21:24:12.112328Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-03T21:24:31.989Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "JWT Handler"
          ],
          "product": "go-ldap-admin",
          "vendor": "opsre",
          "versions": [
            {
              "status": "affected",
              "version": "20251011"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "28Hus (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was determined in opsre go-ldap-admin up to 20251011. This issue affects some unknown processing of the file docs/docker-compose/docker-compose.yaml of the component JWT Handler. Executing manipulation of the argument secret key can lead to use of hard-coded cryptographic key\r . The attack can be launched remotely. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 5.1,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "Key Management Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-03T14:32:07.380Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-334163 | opsre go-ldap-admin JWT docker-compose.yaml hard-coded key",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.334163"
        },
        {
          "name": "VDB-334163 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.334163"
        },
        {
          "name": "Submit #692213 | https://github.com/opsre https://github.com/opsre/go-ldap-admin Latest Authorization Bypass",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.692213"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://gist.github.com/H2u8s/a51ac1fe38d62746d1425b70ff49420c"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-03T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-12-03T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-12-03T10:39:18.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "opsre go-ldap-admin JWT docker-compose.yaml hard-coded key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-13948",
    "datePublished": "2025-12-03T14:32:07.380Z",
    "dateReserved": "2025-12-03T09:34:14.665Z",
    "dateUpdated": "2025-12-03T21:24:31.989Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-13877 (GCVE-0-2025-13877)

Vulnerability from cvelistv5 – Published: 2025-12-02 16:02 – Updated: 2025-12-02 16:18
VLAI
Title
nocobase JWT Service jwt-service.ts hard-coded key
Summary
A vulnerability was detected in nocobase up to 1.9.4/2.0.0-alpha.37. The affected element is an unknown function of the file nocobase\packages\core\auth\src\base\jwt-service.ts of the component JWT Service. The manipulation of the argument API_KEY results in use of hard-coded cryptographic key . The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is described as difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-320 - Key Management Error
Assigner
References
URL Tags
https://vuldb.com/?id.334033 vdb-entrytechnical-description
https://vuldb.com/?ctiid.334033 signaturepermissions-required
https://vuldb.com/?submit.692205 third-party-advisory
https://gist.github.com/H2u8s/f3ede60d7ecfe598ae4… exploit
Impacted products
Vendor Product Version
n/a nocobase Affected: 1.9.0
Affected: 1.9.1
Affected: 1.9.2
Affected: 1.9.3
Affected: 1.9.4
Affected: 2.0.0-alpha.0
Affected: 2.0.0-alpha.1
Affected: 2.0.0-alpha.2
Affected: 2.0.0-alpha.3
Affected: 2.0.0-alpha.4
Affected: 2.0.0-alpha.5
Affected: 2.0.0-alpha.6
Affected: 2.0.0-alpha.7
Affected: 2.0.0-alpha.8
Affected: 2.0.0-alpha.9
Affected: 2.0.0-alpha.10
Affected: 2.0.0-alpha.11
Affected: 2.0.0-alpha.12
Affected: 2.0.0-alpha.13
Affected: 2.0.0-alpha.14
Affected: 2.0.0-alpha.15
Affected: 2.0.0-alpha.16
Affected: 2.0.0-alpha.17
Affected: 2.0.0-alpha.18
Affected: 2.0.0-alpha.19
Affected: 2.0.0-alpha.20
Affected: 2.0.0-alpha.21
Affected: 2.0.0-alpha.22
Affected: 2.0.0-alpha.23
Affected: 2.0.0-alpha.24
Affected: 2.0.0-alpha.25
Affected: 2.0.0-alpha.26
Affected: 2.0.0-alpha.27
Affected: 2.0.0-alpha.28
Affected: 2.0.0-alpha.29
Affected: 2.0.0-alpha.30
Affected: 2.0.0-alpha.31
Affected: 2.0.0-alpha.32
Affected: 2.0.0-alpha.33
Affected: 2.0.0-alpha.34
Affected: 2.0.0-alpha.35
Affected: 2.0.0-alpha.36
Affected: 2.0.0-alpha.37
Credits
28Hus (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-13877",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-02T16:16:15.434340Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-02T16:18:30.865Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "JWT Service"
          ],
          "product": "nocobase",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "1.9.0"
            },
            {
              "status": "affected",
              "version": "1.9.1"
            },
            {
              "status": "affected",
              "version": "1.9.2"
            },
            {
              "status": "affected",
              "version": "1.9.3"
            },
            {
              "status": "affected",
              "version": "1.9.4"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.0"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.1"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.2"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.3"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.4"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.5"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.6"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.7"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.8"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.9"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.10"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.11"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.12"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.13"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.14"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.15"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.16"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.17"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.18"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.19"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.20"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.21"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.22"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.23"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.24"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.25"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.26"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.27"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.28"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.29"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.30"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.31"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.32"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.33"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.34"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.35"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.36"
            },
            {
              "status": "affected",
              "version": "2.0.0-alpha.37"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "28Hus (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was detected in nocobase up to 1.9.4/2.0.0-alpha.37. The affected element is an unknown function of the file nocobase\\packages\\core\\auth\\src\\base\\jwt-service.ts of the component JWT Service. The manipulation of the argument API_KEY results in use of hard-coded cryptographic key\r . The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is described as difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 5.1,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "Key Management Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-02T16:02:05.857Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-334033 | nocobase JWT Service jwt-service.ts hard-coded key",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.334033"
        },
        {
          "name": "VDB-334033 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.334033"
        },
        {
          "name": "Submit #692205 | https://github.com/nocobase https://github.com/nocobase/nocobase Latest Authorization Bypass",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.692205"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://gist.github.com/H2u8s/f3ede60d7ecfe598ae452aa5a8fbb90d"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-12-02T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-12-02T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-12-02T10:50:07.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "nocobase JWT Service jwt-service.ts hard-coded key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-13877",
    "datePublished": "2025-12-02T16:02:05.857Z",
    "dateReserved": "2025-12-02T09:44:50.654Z",
    "dateUpdated": "2025-12-02T16:18:30.865Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-13316 (GCVE-0-2025-13316)

Vulnerability from cvelistv5 – Published: 2025-11-19 17:53 – Updated: 2025-11-19 18:19
VLAI
Title
Hard-coded encryption keys in Twonky Server
Summary
Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded cryptographic keys. An attacker with knowledge of the encrypted administrator password can decrypt the value with static keys to view the plain text password and gain administrator-level access to Twonky Server.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
Impacted products
Date Public
2025-11-19 17:45
Credits
Ryan Emmons, Staff Security Researcher at Rapid7
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-13316",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-19T18:19:36.358192Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-19T18:19:43.388Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux",
            "Windows"
          ],
          "product": "Twonky Server",
          "vendor": "Lynxtechnology",
          "versions": [
            {
              "status": "affected",
              "version": "8.5.2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Ryan Emmons, Staff Security Researcher at Rapid7"
        }
      ],
      "datePublic": "2025-11-19T17:45:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded cryptographic keys. An attacker with knowledge of the encrypted administrator password can decrypt the value with static keys to view the plain text password and gain administrator-level access to Twonky Server."
            }
          ],
          "value": "Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded cryptographic keys. An attacker with knowledge of the encrypted administrator password can decrypt the value with static keys to view the plain text password and gain administrator-level access to Twonky Server."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-151",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-151 Identity Spoofing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321: Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-19T17:53:42.934Z",
        "orgId": "9974b330-7714-4307-a722-5648477acda7",
        "shortName": "rapid7"
      },
      "references": [
        {
          "url": "https://www.rapid7.com/blog/post/cve-2025-13315-cve-2025-13316-critical-twonky-server-authentication-bypass-not-fixed/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Hard-coded encryption keys in Twonky Server",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
    "assignerShortName": "rapid7",
    "cveId": "CVE-2025-13316",
    "datePublished": "2025-11-19T17:53:42.934Z",
    "dateReserved": "2025-11-17T15:07:43.941Z",
    "dateUpdated": "2025-11-19T18:19:43.388Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-12615 (GCVE-0-2025-12615)

Vulnerability from cvelistv5 – Published: 2025-11-03 03:32 – Updated: 2026-02-24 06:22 X_Freeware
VLAI
Title
PHPGurukul News Portal settings.py hard-coded key
Summary
A security vulnerability has been detected in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /onps/settings.py. Such manipulation of the argument SECRET_KEY leads to use of hard-coded cryptographic key . The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is described as difficult. The exploit has been disclosed publicly and may be used.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-320 - Key Management Error
Assigner
References
URL Tags
https://vuldb.com/?id.330909 vdb-entrytechnical-description
https://vuldb.com/?ctiid.330909 signaturepermissions-required
https://vuldb.com/?submit.678625 third-party-advisory
https://github.com/NishantKumar-CSE/News-Portal-P… exploit
https://phpgurukul.com/ product
Impacted products
Vendor Product Version
PHPGurukul News Portal Affected: 1.0
    cpe:2.3:a:phpgurukul:news_portal:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Nishant_Kumar (VulDB User)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-12615",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-03T20:34:58.326056Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:35:20.857Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/NishantKumar-CSE/News-Portal-Python-Django-Project/blob/main/Hard-coded%20Cryptographic%20Key.md"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:phpgurukul:news_portal:*:*:*:*:*:*:*:*"
          ],
          "product": "News Portal",
          "vendor": "PHPGurukul",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Nishant_Kumar (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A security vulnerability has been detected in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /onps/settings.py. Such manipulation of the argument SECRET_KEY leads to use of hard-coded cryptographic key\r . The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is described as difficult. The exploit has been disclosed publicly and may be used."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 5.1,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-320",
              "description": "Key Management Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-24T06:22:16.946Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-330909 | PHPGurukul News Portal settings.py hard-coded key",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.330909"
        },
        {
          "name": "VDB-330909 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.330909"
        },
        {
          "name": "Submit #678625 | PHPGurukul News Portal using Python Django and MySQL 1.0 Use of Hard-coded Cryptographic Key",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.678625"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/NishantKumar-CSE/News-Portal-Python-Django-Project/blob/main/Hard-coded%20Cryptographic%20Key.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://phpgurukul.com/"
        }
      ],
      "tags": [
        "x_freeware"
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-11-02T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-11-02T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-11-11T04:29:01.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "PHPGurukul News Portal settings.py hard-coded key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-12615",
    "datePublished": "2025-11-03T03:32:06.859Z",
    "dateReserved": "2025-11-02T13:12:28.220Z",
    "dateUpdated": "2026-02-24T06:22:16.946Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-12599 (GCVE-0-2025-12599)

Vulnerability from cvelistv5 – Published: 2025-11-01 18:39 – Updated: 2025-11-03 13:29
VLAI
Title
Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000)
Summary
Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
Impacted products
Credits
Kevin Schaller Benjamin Lafois Alexi Bitsios Sebastian Toscano Dominik Schneider
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-12599",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-03T13:24:07.997503Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-03T13:29:56.000Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "BLU-IC2",
          "vendor": "Azure Access Technology",
          "versions": [
            {
              "lessThanOrEqual": "1.19.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "BLU-IC4",
          "vendor": "Azure Access Technology",
          "versions": [
            {
              "lessThanOrEqual": "1.19.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Kevin Schaller"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Benjamin Lafois"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Alexi Bitsios"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Sebastian Toscano"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Dominik Schneider"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000).\u003cp\u003eThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.\u003c/p\u003e"
            }
          ],
          "value": "Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000).This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-191",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-191 Read Sensitive Constants Within an Executable"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-01T18:39:53.127Z",
        "orgId": "a0340c66-c385-4f8b-991b-3d05f6fd5220",
        "shortName": "azure-access"
      },
      "references": [
        {
          "url": "https://azure-access.com/security-advisories"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000)",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0340c66-c385-4f8b-991b-3d05f6fd5220",
    "assignerShortName": "azure-access",
    "cveId": "CVE-2025-12599",
    "datePublished": "2025-11-01T18:39:53.127Z",
    "dateReserved": "2025-11-01T18:36:05.890Z",
    "dateUpdated": "2025-11-03T13:29:56.000Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-12177 (GCVE-0-2025-12177)

Vulnerability from cvelistv5 – Published: 2025-11-08 03:27 – Updated: 2026-04-08 16:37
VLAI
Title
Download Manager <= 3.3.30 - Unauthenticated Cron Trigger due to Hardcoded Cron Key
Summary
The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired() and clearTempDataCPCron() functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs leading to deletion of expired posts and clearing cache.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
Impacted products
Vendor Product Version
codename065 Download Manager Affected: 0 , ≤ 3.3.30 (semver)
Create a notification for this product.
Credits
Jack Pas
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-12177",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-10T20:03:13.844824Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-10T20:09:53.311Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Download Manager",
          "vendor": "codename065",
          "versions": [
            {
              "lessThanOrEqual": "3.3.30",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jack Pas"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded Cron key used in the deleteExpired() and clearTempDataCPCron() functions in all versions up to, and including, 3.3.30. This makes it possible for unauthenticated attackers to trigger these cron jobs leading to deletion of expired posts and clearing cache."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321 Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:37:29.806Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17d5253c-5000-40c7-a7fd-f75d4badfb5e?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3390068%40download-manager\u0026new=3390068%40download-manager\u0026sfp_email=\u0026sfph_mail="
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-10-24T16:12:41.000Z",
          "value": "Vendor Notified"
        },
        {
          "lang": "en",
          "time": "2025-11-07T00:00:00.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Download Manager \u003c= 3.3.30 - Unauthenticated Cron Trigger due to Hardcoded Cron Key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2025-12177",
    "datePublished": "2025-11-08T03:27:45.992Z",
    "dateReserved": "2025-10-24T15:57:21.778Z",
    "dateUpdated": "2026-04-08T16:37:29.806Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation
Architecture and Design

Prevention schemes mirror that of hard-coded password storage.

No CAPEC attack patterns related to this CWE.