CVE-2025-67504

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

W

BCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword() to create passwords using PHP's rand(). rand() is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege escalation if these passwords are used for new accounts or password resets. The vulnerability is fixed in version 1.6.5.

References

Link	Resource
https://cwe.mitre.org/data/definitions/338.html	Technical Description
https://github.com/WBCE/WBCE_CMS/commit/5d59fe021a5c6e469b1bf192b72ca652e54278f6	Patch
https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.5	Release Notes
https://github.com/WBCE/WBCE_CMS/security/advisories/GHSA-76gj-pmvx-jcc6	Exploit Vendor Advisory
https://github.com/WBCE/WBCE_CMS/security/advisories/GHSA-76gj-pmvx-jcc6	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wbce:wbce_cms:*:*:*:*:*:*:*:*

History

11 Dec 2025, 15:52

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-09 16:18

Updated : 2025-12-11 15:52

NVD link : CVE-2025-67504

Mitre link : CVE-2025-67504

CVE.ORG link : CVE-2025-67504

JSON object : View

Products Affected

wbce_cms

CWE

CWE-331

Insufficient Entropy

CWE-338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

{"id": "CVE-2025-67504", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-12-09T16:18:24.237", "references": [{"url": "https://cwe.mitre.org/data/definitions/338.html", "tags": ["Technical Description"], "source": "[email protected]"}, {"url": "https://github.com/WBCE/WBCE_CMS/commit/5d59fe021a5c6e469b1bf192b72ca652e54278f6", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://github.com/WBCE/WBCE_CMS/releases/tag/1.6.5", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://github.com/WBCE/WBCE_CMS/security/advisories/GHSA-76gj-pmvx-jcc6", "tags": ["Exploit", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://github.com/WBCE/WBCE_CMS/security/advisories/GHSA-76gj-pmvx-jcc6", "tags": ["Exploit", "Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-331"}, {"lang": "en", "value": "CWE-338"}]}], "descriptions": [{"lang": "en", "value": "WBCE CMS is a content management system. Versions 1.6.4 and below use function GenerateRandomPassword() to create passwords using PHP's rand(). rand() is not cryptographically secure, which allows password sequences to be predicted or brute-forced. This can lead to user account compromise or privilege escalation if these passwords are used for new accounts or password resets. The vulnerability is fixed in version 1.6.5."}], "lastModified": "2025-12-11T15:52:28.497", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wbce:wbce_cms:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D38CBB88-838C-4D43-B04B-0923D07D2F08", "versionEndExcluding": "1.6.5"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}