CWE-328
AllowedUse of Weak Hash
Abstraction: Base · Status: Draft
The product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).
149 vulnerabilities reference this CWE, most recent first.
CVE-2026-10540 (GCVE-0-2026-10540)
Vulnerability from cvelistv5 – Published: 2026-07-01 07:52 – Updated: 2026-07-01 12:34- CWE-328 - Use of weak hash
| Vendor | Product | Version | |
|---|---|---|---|
| BMC | Control-M/Enterprise Manager |
Unaffected:
9.0.21
(semver)
Affected: 9.0.20 , < 9.0.21 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-10540",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T12:33:32.876658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T12:34:11.299Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Control-M/Enterprise Manager",
"vendor": "BMC",
"versions": [
{
"status": "unaffected",
"version": "9.0.21",
"versionType": "semver"
},
{
"lessThan": "9.0.21",
"status": "affected",
"version": "9.0.20",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jean-Romain Garnier from [Airbus Security Lab](https://airbus-seclab.github.io) - \u003cvuln@airbus.com\u003e"
},
{
"lang": "en",
"type": "finder",
"value": "Quentin Liddell from [Airbus Security Lab](https://airbus-seclab.github.io) - \u003cvuln@airbus.com\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects Control-M/Enterprise Manager unsupported versions 9.0.20.x and potentially earlier unsupported versions"
}
],
"value": "The Control-M/Enterprise Manager uses weak protections for stored hashes of account passwords, potentially allowing offline password recovery attacks if credential data is obtained by an attacker. This vulnerability affects Control-M/Enterprise Manager unsupported versions 9.0.20.x and potentially earlier unsupported versions"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "CWE-328 Use of weak hash",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T07:52:10.618Z",
"orgId": "24a3c815-5f22-4d74-967a-30958d6466f4",
"shortName": "airbus"
},
"references": [
{
"url": "https://bmcapps.my.site.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA3cx000000GFeDCAW\u0026type=Solution"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Weak password hash protection in Control-M/Entreprise Manager",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "24a3c815-5f22-4d74-967a-30958d6466f4",
"assignerShortName": "airbus",
"cveId": "CVE-2026-10540",
"datePublished": "2026-07-01T07:52:10.618Z",
"dateReserved": "2026-06-01T12:16:12.516Z",
"dateUpdated": "2026-07-01T12:34:11.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8803 (GCVE-0-2026-8803)
Vulnerability from cvelistv5 – Published: 2026-05-18 11:30 – Updated: 2026-05-19 16:20 Disputed| URL | Tags |
|---|---|
| https://vuldb.com/vuln/364436 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/364436/cti | signaturepermissions-required |
| https://vuldb.com/submit/802561 | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| opensourcepos | Open Source Point of Sale |
Affected:
3.4.0
Affected: 3.4.1 Affected: 3.4.2 cpe:2.3:a:opensourcepos:open_source_point_of_sale:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8803",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-19T16:19:49.176036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T16:20:03.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:opensourcepos:open_source_point_of_sale:*:*:*:*:*:*:*:*"
],
"modules": [
"Employee Login"
],
"product": "Open Source Point of Sale",
"vendor": "opensourcepos",
"versions": [
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.4.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Kamran Saifullah (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the function Login of the file app/Models/Employee.php of the component Employee Login. This manipulation causes use of weak hash. Remote exploitation of the attack is possible. The attack is considered to have high complexity. The exploitability is considered difficult. The actual existence of this vulnerability is currently in question. The vendor explains: \"[T]he code is still there to allow the upgrade path to work. The default password is initially seeded with the old hash function, but then migrated to a newer one after login. [T]he hash version check might be cleaned up in the future. Currently it\u0027s not actively in use as any password change will use a newer hash function.\""
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:ND/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "Use of Weak Hash",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-18T11:30:08.931Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-364436 | opensourcepos Open Source Point of Sale Employee Login Employee.php login weak hash",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/364436"
},
{
"name": "VDB-364436 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/364436/cti"
},
{
"name": "Submit #802561 | opensourcepos Open Source Point of Sale 3.4.1 Weak Encoding for Password",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/802561"
}
],
"tags": [
"disputed"
],
"timeline": [
{
"lang": "en",
"time": "2026-05-18T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-18T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-18T06:43:04.000Z",
"value": "VulDB entry last update"
}
],
"title": "opensourcepos Open Source Point of Sale Employee Login Employee.php login weak hash"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-8803",
"datePublished": "2026-05-18T11:30:08.931Z",
"dateReserved": "2026-05-18T04:37:54.529Z",
"dateUpdated": "2026-05-19T16:20:03.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7845 (GCVE-0-2026-7845)
Vulnerability from cvelistv5 – Published: 2026-05-05 15:45 – Updated: 2026-05-05 19:23| URL | Tags |
|---|---|
| https://vuldb.com/vuln/361124 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/361124/cti | signaturepermissions-required |
| https://vuldb.com/submit/807794 | third-party-advisory |
| https://github.com/chatchat-space/Langchain-Chatc… | issue-tracking |
| https://github.com/3em0/cve_repo/blob/main/Langch… | exploit |
| https://github.com/chatchat-space/Langchain-Chatchat/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| chatchat-space | Langchain-Chatchat |
Affected:
0.3.1.0
Affected: 0.3.1.1 Affected: 0.3.1.2 Affected: 0.3.1.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7845",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-05T17:48:07.236978Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T19:23:08.834Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/chatchat-space/Langchain-Chatchat/issues/5462"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Vision Chat Paste Image Handler"
],
"product": "Langchain-Chatchat",
"vendor": "chatchat-space",
"versions": [
{
"status": "affected",
"version": "0.3.1.0"
},
{
"status": "affected",
"version": "0.3.1.1"
},
{
"status": "affected",
"version": "0.3.1.2"
},
{
"status": "affected",
"version": "0.3.1.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Dem00 (VulDB User)"
},
{
"lang": "en",
"type": "coordinator",
"value": "VulDB CNA Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webui_pages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument paste_image.image_data causes use of weak hash. The attacker needs to be present on the local network. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.4,
"vectorString": "AV:A/AC:H/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "Use of Weak Hash",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T15:45:12.138Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-361124 | chatchat-space Langchain-Chatchat Vision Chat Paste Image dialogue.py PIL.Image.tobytes weak hash",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/361124"
},
{
"name": "VDB-361124 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/361124/cti"
},
{
"name": "Submit #807794 | chatchat-space Langchain-Chatchat 0.3.1.3 Weak Hash / CWE-328",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/807794"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/chatchat-space/Langchain-Chatchat/issues/5462"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/3em0/cve_repo/blob/main/Langchain-Chatchat/Vuln-1-tobytes-Hash-Collision.md"
},
{
"tags": [
"product"
],
"url": "https://github.com/chatchat-space/Langchain-Chatchat/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-05T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-05-05T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-05-05T12:26:13.000Z",
"value": "VulDB entry last update"
}
],
"title": "chatchat-space Langchain-Chatchat Vision Chat Paste Image dialogue.py PIL.Image.tobytes weak hash"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7845",
"datePublished": "2026-05-05T15:45:12.138Z",
"dateReserved": "2026-05-05T10:20:53.591Z",
"dateUpdated": "2026-05-05T19:23:08.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-7103 (GCVE-0-2026-7103)
Vulnerability from cvelistv5 – Published: 2026-04-27 08:30 – Updated: 2026-04-27 12:27 X_Freeware| URL | Tags |
|---|---|
| https://vuldb.com/vuln/359678 | vdb-entrytechnical-description |
| https://vuldb.com/vuln/359678/cti | signaturepermissions-required |
| https://vuldb.com/submit/800384 | third-party-advisory |
| https://gist.github.com/higordiego/84ae7f08f5c23d… | related |
| https://code-projects.org/ | product |
| Vendor | Product | Version | |
|---|---|---|---|
| code-projects | Chat System |
Affected:
1.0
cpe:2.3:a:code-projects:chat_system:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7103",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-27T12:27:19.588102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T12:27:23.279Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://gist.github.com/higordiego/84ae7f08f5c23debebf309de3920bda2"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:code-projects:chat_system:*:*:*:*:*:*:*:*"
],
"modules": [
"MD5 Hash Handler"
],
"product": "Chat System",
"vendor": "code-projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "c4ttr4ck (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update_user.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack\u0027s complexity is rated as high. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "Use of Weak Hash",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-27T08:30:10.652Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-359678 | code-projects Chat System MD5 Hash update_user.php weak hash",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/vuln/359678"
},
{
"name": "VDB-359678 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/vuln/359678/cti"
},
{
"name": "Submit #800384 | code-projects Chat System Using PHP 1.0 nsecure Direct Object Reference (IDOR) + SQL Injection + Weak Pa",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/submit/800384"
},
{
"tags": [
"related"
],
"url": "https://gist.github.com/higordiego/84ae7f08f5c23debebf309de3920bda2"
},
{
"tags": [
"product"
],
"url": "https://code-projects.org/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-04-26T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-04-26T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-04-26T11:09:44.000Z",
"value": "VulDB entry last update"
}
],
"title": "code-projects Chat System MD5 Hash update_user.php weak hash"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-7103",
"datePublished": "2026-04-27T08:30:10.652Z",
"dateReserved": "2026-04-26T09:04:38.568Z",
"dateUpdated": "2026-04-27T12:27:23.279Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-59354 (GCVE-0-2025-59354)
Vulnerability from cvelistv5 – Published: 2025-09-17 19:57 – Updated: 2025-09-18 15:51- CWE-328 - Use of Weak Hash
| URL | Tags |
|---|---|
| https://github.com/dragonflyoss/dragonfly/securit… | x_refsource_CONFIRM |
| https://github.com/dragonflyoss/dragonfly/blob/ma… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| dragonflyoss | dragonfly |
Affected:
< 2.1.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-18T15:51:09.823841Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T15:51:14.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "dragonfly",
"vendor": "dragonflyoss",
"versions": [
{
"status": "affected",
"version": "\u003c 2.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the DragonFly2 uses a variety of hash functions, including the MD5 hash, for downloaded files. This allows attackers to replace files with malicious ones that have a colliding hash. This vulnerability is fixed in 2.1.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "CWE-328: Use of Weak Hash",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T19:57:07.374Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dragonflyoss/dragonfly/security/advisories/GHSA-hx2h-vjw2-8r54",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dragonflyoss/dragonfly/security/advisories/GHSA-hx2h-vjw2-8r54"
},
{
"name": "https://github.com/dragonflyoss/dragonfly/blob/main/docs/security/dragonfly-comprehensive-report-2023.pdf",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dragonflyoss/dragonfly/blob/main/docs/security/dragonfly-comprehensive-report-2023.pdf"
}
],
"source": {
"advisory": "GHSA-hx2h-vjw2-8r54",
"discovery": "UNKNOWN"
},
"title": "Dragonfly has weak integrity checks for downloaded files"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59354",
"datePublished": "2025-09-17T19:57:07.374Z",
"dateReserved": "2025-09-12T12:36:24.637Z",
"dateUpdated": "2025-09-18T15:51:14.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-55053 (GCVE-0-2025-55053)
Vulnerability from cvelistv5 – Published: 2025-09-09 19:10 – Updated: 2025-09-10 14:03- CWE-328 - Use of Weak Hash
| Vendor | Product | Version | |
|---|---|---|---|
| Baicells | NOVA430e/430i, NOVA436Q, NEUTRINO430, NOVA846 |
Affected:
BaiBLQ_3.0.12 and older versions. BaiBU_DNB4_2.4.9 and older versions
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-55053",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T14:03:43.426910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T14:03:48.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NOVA430e/430i, NOVA436Q, NEUTRINO430, NOVA846",
"vendor": "Baicells",
"versions": [
{
"status": "affected",
"version": "BaiBLQ_3.0.12 and older versions. BaiBU_DNB4_2.4.9 and older versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Shahaf Levi"
}
],
"datePublic": "2025-09-09T19:08:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CWE-328: Use of Weak Hash\u003cbr\u003e"
}
],
"value": "CWE-328: Use of Weak Hash"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "CWE-328: Use of Weak Hash",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T19:10:49.874Z",
"orgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"shortName": "INCD"
},
"references": [
{
"url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0"
}
],
"source": {
"advisory": "ILVN-2025-0246",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a57ee1ae-c9c1-4f40-aa7b-cf10760fde3f",
"assignerShortName": "INCD",
"cveId": "CVE-2025-55053",
"datePublished": "2025-09-09T19:10:49.874Z",
"dateReserved": "2025-08-06T11:04:25.088Z",
"dateUpdated": "2025-09-10T14:03:48.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-49197 (GCVE-0-2025-49197)
Vulnerability from cvelistv5 – Published: 2025-06-12 14:23 – Updated: 2025-06-17 19:03- CWE-328 - Use of Weak Hash
| URL | Tags |
|---|---|
| https://sick.com/psirt | x_SICK PSIRT Website |
| https://cdn.sick.com/media/docs/1/11/411/Special_… | x_SICK Operating Guidelines |
| https://www.cisa.gov/resources-tools/resources/ic… | x_ICS-CERT recommended practices on Industrial Security |
| https://www.first.org/cvss/calculator/3.1 | x_CVSS v3.1 Calculator |
| https://www.sick.com/.well-known/csaf/white/2025/… | vendor-advisory |
| https://www.sick.com/.well-known/csaf/white/2025/… | vendor-advisoryx_csaf |
| Vendor | Product | Version | |
|---|---|---|---|
| SICK AG | SICK Media Server |
Affected:
0 , < 1.5
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T14:39:19.530150Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T19:03:20.901Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SICK Media Server",
"vendor": "SICK AG",
"versions": [
{
"lessThan": "1.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ccode\u003eThe application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account.\u003c/code\u003e"
}
],
"value": "The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "CWE-328 Use of Weak Hash",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T14:23:04.373Z",
"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"shortName": "SICK AG"
},
"references": [
{
"tags": [
"x_SICK PSIRT Website"
],
"url": "https://sick.com/psirt"
},
{
"tags": [
"x_SICK Operating Guidelines"
],
"url": "https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF"
},
{
"tags": [
"x_ICS-CERT recommended practices on Industrial Security"
],
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"tags": [
"x_CVSS v3.1 Calculator"
],
"url": "https://www.first.org/cvss/calculator/3.1"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf"
},
{
"tags": [
"vendor-advisory",
"x_csaf"
],
"url": "https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ccode\u003eIt is strongly recommended to upgrade to the latest version.\u003c/code\u003e"
}
],
"value": "It is strongly recommended to upgrade to the latest version."
}
],
"source": {
"advisory": "sca-2025-0007",
"discovery": "INTERNAL"
},
"title": "Deprecated TLS version supported",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988",
"assignerShortName": "SICK AG",
"cveId": "CVE-2025-49197",
"datePublished": "2025-06-12T14:23:04.373Z",
"dateReserved": "2025-06-03T05:58:15.616Z",
"dateUpdated": "2025-06-17T19:03:20.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-48931 (GCVE-0-2025-48931)
Vulnerability from cvelistv5 – Published: 2025-05-28 00:00 – Updated: 2025-05-29 18:57 Exclusively Hosted Service- CWE-328 - Use of Weak Hash
| Vendor | Product | Version | |
|---|---|---|---|
| TeleMessage | service |
Affected:
0 , ≤ 2025-05-05
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48931",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-29T18:57:00.512886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-29T18:57:13.305Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "service",
"vendor": "TeleMessage",
"versions": [
{
"lessThanOrEqual": "2025-05-05",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities (including rainbow tables) with low computational effort."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.2,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "CWE-328 Use of Weak Hash",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-28T17:05:51.853Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.wired.com/story/how-the-signal-knock-off-app-telemessage-got-hacked-in-20-minutes/"
}
],
"tags": [
"exclusively-hosted-service"
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-48931",
"datePublished": "2025-05-28T00:00:00.000Z",
"dateReserved": "2025-05-28T00:00:00.000Z",
"dateUpdated": "2025-05-29T18:57:13.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-47276 (GCVE-0-2025-47276)
Vulnerability from cvelistv5 – Published: 2025-05-13 15:34 – Updated: 2025-05-13 19:31- CWE-328 - Use of Weak Hash
| URL | Tags |
|---|---|
| https://github.com/ChewKeanHo/Actualizer/security… | x_refsource_CONFIRM |
| https://github.com/ChewKeanHo/Actualizer/issues/1 | x_refsource_MISC |
| https://github.com/openssl/openssl/issues/19340 | x_refsource_MISC |
| https://github.com/ChewKeanHo/Actualizer/commit/3… | x_refsource_MISC |
| https://cheatsheetseries.owasp.org/cheatsheets/Pa… | x_refsource_MISC |
| https://github.com/ChewKeanHo/Actualizer/releases… | x_refsource_MISC |
| https://www.reddit.com/r/debian/comments/1kknzqi/… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| ChewKeanHo | Actualizer |
Affected:
< 1.2.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-13T19:31:14.270803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-13T19:31:22.672Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Actualizer",
"vendor": "ChewKeanHo",
"versions": [
{
"status": "affected",
"version": "\u003c 1.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Actualizer is a single shell script solution to allow developers and embedded engineers to create Debian operating systems (OS). Prior to version 1.2.0, Actualizer uses OpenSSL\u0027s \"-passwd\" function, which uses SHA512 instead of a more suitable password hasher like Yescript/Argon2i. All Actualizer users building a full Debian Operating System are affected. Users should upgrade to version 1.2.0 of Actualizer. Existing OS deployment requires manual password changes against the alpha and root accounts. The change will deploy\u0027s Debian\u0027s yescript overriding the older SHA512 hash created by OpenSSL. As a workaround, users need to reset both `root` and \"Alpha\" users\u0027 passwords."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "CWE-328: Use of Weak Hash",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-13T15:34:28.801Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/ChewKeanHo/Actualizer/security/advisories/GHSA-v626-chv9-v9qr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/ChewKeanHo/Actualizer/security/advisories/GHSA-v626-chv9-v9qr"
},
{
"name": "https://github.com/ChewKeanHo/Actualizer/issues/1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ChewKeanHo/Actualizer/issues/1"
},
{
"name": "https://github.com/openssl/openssl/issues/19340",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/openssl/openssl/issues/19340"
},
{
"name": "https://github.com/ChewKeanHo/Actualizer/commit/32c9cc232c856f078f8269fba80ce7562bbff86b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ChewKeanHo/Actualizer/commit/32c9cc232c856f078f8269fba80ce7562bbff86b"
},
{
"name": "https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html"
},
{
"name": "https://github.com/ChewKeanHo/Actualizer/releases/tag/v1.2.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ChewKeanHo/Actualizer/releases/tag/v1.2.0"
},
{
"name": "https://www.reddit.com/r/debian/comments/1kknzqi/actualizer_v110_upgraded",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.reddit.com/r/debian/comments/1kknzqi/actualizer_v110_upgraded"
}
],
"source": {
"advisory": "GHSA-v626-chv9-v9qr",
"discovery": "UNKNOWN"
},
"title": "Actualizer Uses OpenSSL\u0027s \"-passwd\" Function Which Uses SHA512 Under The Hood Instead of Proper Password Hasher like Yescript/Argon2i"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-47276",
"datePublished": "2025-05-13T15:34:28.801Z",
"dateReserved": "2025-05-05T16:53:10.372Z",
"dateUpdated": "2025-05-13T19:31:22.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41762 (GCVE-0-2025-41762)
Vulnerability from cvelistv5 – Published: 2026-03-09 08:17 – Updated: 2026-03-09 20:14- CWE-328 - Use of Weak Hash
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-09T20:02:52.027636Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-09T20:14:04.321Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UBR-01 Mk II",
"vendor": "MBS",
"versions": [
{
"lessThan": "6.0.1.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UBR-02",
"vendor": "MBS",
"versions": [
{
"lessThan": "6.0.1.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "UBR-LON",
"vendor": "MBS",
"versions": [
{
"lessThan": "6.0.1.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Adrien Rey from Cyber Defense Campus Zurich"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Daniel Hulliger from Armasuisse"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates.\u003cbr\u003e"
}
],
"value": "An unauthenticated attacker can abuse the weak hash of the backup generated by the wwwdnload.cgi endpoint to gain unauthorized access to sensitive data, including password hashes and certificates."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "CWE-328 Use of Weak Hash",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-09T08:17:27.510Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://www.mbs-solutions.de/mbs-2025-0001"
}
],
"source": {
"defect": [
"CERT@VDE#641895"
],
"discovery": "UNKNOWN"
},
"title": "Secret leak with wwwdnload.cgi",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41762",
"datePublished": "2026-03-09T08:17:27.510Z",
"dateReserved": "2025-04-16T11:18:45.760Z",
"dateUpdated": "2026-03-09T20:14:04.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation MIT-51
- Use an adaptive hash function that can be configured to change the amount of computational effort needed to compute the hash, such as the number of iterations ("stretching") or the amount of memory required. Some hash functions perform salting automatically. These functions can significantly increase the overhead for a brute force attack compared to intentionally-fast functions such as MD5. For example, rainbow table attacks can become infeasible due to the high computing overhead. Finally, since computing power gets faster and cheaper over time, the technique can be reconfigured to increase the workload without forcing an entire replacement of the algorithm in use.
- Some hash functions that have one or more of these desired properties include bcrypt [REF-291], scrypt [REF-292], and PBKDF2 [REF-293]. While there is active debate about which of these is the most effective, they are all stronger than using salts with hash functions with very little computing overhead.
- Note that using these functions can have an impact on performance, so they require special consideration to avoid denial-of-service attacks. However, their configurability provides finer control over how much CPU and memory is used, so it could be adjusted to suit the environment's needs.
CAPEC-461: Web Services API Signature Forgery Leveraging Hash Function Extension Weakness
An adversary utilizes a hash function extension/padding weakness, to modify the parameters passed to the web service requesting authentication by generating their own call in order to generate a legitimate signature hash (as described in the notes), without knowledge of the secret token sometimes provided by the web service.
CAPEC-68: Subvert Code-signing Facilities
Many languages use code signing facilities to vouch for code's identity and to thus tie code to its assigned privileges within an environment. Subverting this mechanism can be instrumental in an attacker escalating privilege. Any means of subverting the way that a virtual machine enforces code signing classifies for this style of attack.