Account Takeover Vulnerability in langgenius/dify by Weak PRNG
CVE-2025-1796
7.5HIGH
Summary
A security vulnerability in langgenius/dify version 0.10.1 allows attackers to exploit a suboptimal pseudo-random number generator for generating password reset codes, potentially enabling unauthorized account access. The application uses a non-cryptographic PRNG method (random.randint
), making it possible for adversaries to predict future password reset codes after gaining access to workflow tools. This exploit could lead to a complete compromise of user accounts, including those of administrators.
Affected Version(s)
langgenius/dify <= unspecified
References
CVSS V3.0
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved