logo_clicknbuy.png

CVE-2025-8549 – “Atjiu Pybbs Password Weakness”

The following table lists the changes that have been made to the
CVE-2025-8549 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by [email protected]

    Aug. 05, 2025

    Action Type Old Value New Value
    Added Description A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java. The manipulation leads to weak password requirements. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as d09cb19a8e7d7e5151282926ada54080244d499f. It is recommended to apply a patch to fix this issue.
    Added CVSS V4.0 AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CVSS V3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
    Added CVSS V2 (AV:N/AC:H/Au:N/C:P/I:N/A:N)
    Added CWE CWE-521
    Added Reference https://github.com/atjiu/pybbs/commit/d09cb19a8e7d7e5151282926ada54080244d499f
    Added Reference https://github.com/atjiu/pybbs/issues/201
    Added Reference https://github.com/atjiu/pybbs/issues/201#issue-3256288016
    Added Reference https://github.com/atjiu/pybbs/issues/201#issuecomment-3134733216
    Added Reference https://vuldb.com/?ctiid.318678
    Added Reference https://vuldb.com/?id.318678
    Added Reference https://vuldb.com/?submit.622187
Share the Post:

Related Posts