CVE-2025-3177

Low CVSS: 2.3

A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key
. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Vendor

Fastcms Project

Product

Fastcms

CWE

CWE-320

Yayın Tarihi

2025-04-03 20:15:27

Güncelleme

2025-04-08 19:40:08

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-320 Fastcms LOW Fastcms Project 2025

Referanslar

https://github.com/chujianxin0101/vuln/issues/2 https://vuldb.com/?ctiid.303136 https://vuldb.com/?id.303136 https://vuldb.com/?submit.543673 https://github.com/chujianxin0101/vuln/issues/2

Benzer Kayıtlar

High

CVE-2026-26682

An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java compo…

Medium

CVE-2025-2593

A vulnerability has been found in FastCMS up to 0.1.5 and classified as critical. Affected by this vulnerability is an u…

Medium

CVE-2025-1332

A vulnerability has been found in FastCMS up to 0.1.5 and classified as problematic. This vulnerability affects unknown…