CVE-2025-1796

Published: Mar 20, 2025

Modified: Oct 15, 2025

PUBLISHED

CVSS v3.0

7.5

HIGH

Description

A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator (PRNG) used for generating password reset codes. The application uses `random.randint` for this purpose, which is not suitable for cryptographic use and can be cracked. An attacker with access to workflow tools can extract the PRNG output and predict future password reset codes, leading to a complete compromise of the application.

Vendor	Product	Versions
langgenius	langgenius/dify	affected `unspecified - <= latest`

Weaknesses (CWE)

CWE-338

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

https://huntr.com/bounties/a60f3039-5394-4e22-8de7-a7da9c6a6e00

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-1796

Description

Affected Products

Weaknesses (CWE)

CVSS v3.0 Details

References