CVE-2025-66910

Medium CVSS: 6.0

Turms Server v0.10.0-SNAPSHOT and earlier contains a plaintext password storage vulnerability in the administrator authentication system. The BaseAdminService class caches administrator passwords in plaintext within AdminInfo objects to optimize authentication performance. Upon successful login, raw passwords are stored unencrypted in memory in the rawPassword field. Attackers with local system access can extract these passwords through memory dumps, heap analysis, or debugger attachment, bypassing bcrypt protection.

Vendor

Turms-im

Product

Turms

CWE

CWE-256

Yayın Tarihi

2025-12-19 15:15:56

Güncelleme

2026-01-02 19:50:30

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-256 Turms MEDIUM Turms-im 2025

Referanslar

https://github.com/Xzzz111/public_cve_report/blob/main/CVE-2025-66910_report.md https://github.com/turms-im/turms https://github.com/turms-im/turms/blob/develop/turms-server-common/src/main/java/im/turms/server/common/domain/admin/bo/AdminInfo.java#L34 https://github.com/turms-im/turms/blob/develop/turms-server-common/src/main/java/im/turms/server/common/domain/admin/service/BaseAdminService.java#L237

Benzer Kayıtlar

Medium

CVE-2025-66906

Cross Site Request Forgery (CSRF) vulnerability in Turms Admin API thru v0.10.0-SNAPSHOT allows attackers to gain escala…

Medium

CVE-2025-66908

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an improper file type validation vulnerability in the OCR…

High

CVE-2025-66909

Turms AI-Serving module v0.10.0-SNAPSHOT and earlier contains an image decompression bomb denial of service vulnerabilit…

Medium

CVE-2025-66911

Turms IM Server v0.10.0-SNAPSHOT and earlier contains a broken access control vulnerability in the user online status qu…