CVE-2025-8927
BaseFortify
Publication date: 2025-08-13
Last updated on: 2026-04-29
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mtons | mblog | up to 3.5.0 (inclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-307 | The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame. |
| CWE-799 | The product does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8927 is a vulnerability in the mtons mblog application (version 3.5.0 and earlier) affecting the /email/send_code endpoint, which sends verification codes to users' registered email addresses. The endpoint lacks rate limiting and CAPTCHA protection, allowing attackers to perform brute force attacks by repeatedly requesting verification codes. This enables attackers to enumerate or verify valid user email addresses by abusing the verification code sending functionality remotely. The vulnerability arises from improper restriction of excessive authentication attempts via manipulation of the email argument. [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can impact you by allowing attackers to discover which email addresses are registered in your system through brute force attacks on the verification code sending endpoint. This compromises user confidentiality by exposing valid user emails. Although exploitation is considered difficult, it can be done remotely without authentication. The lack of rate limiting and CAPTCHA protection means attackers can automate these attempts, potentially leading to further targeted attacks or abuse of the system's authentication mechanisms. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring repeated requests to the /email/send_code endpoint, in particular bursts that request verification codes for many different addresses, or for the same address, within a short timeframe, which indicates a brute force or enumeration attempt. Web-server or application logs can be searched for an excessive number of calls to this endpoint from a single source. Running curl or wget in a scripted loop to repeat the request can show whether rate limiting or CAPTCHA protection is in place. For example, a command like: curl -X POST https://yourdomain.com/email/send_code -d '[email protected]' repeated multiple times reveals whether the system restricts excessive authentication attempts. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing rate limiting on the /email/send_code endpoint to restrict the number of verification code requests per user or IP address within a certain timeframe. Adding CAPTCHA protection to the verification code request process can also prevent automated brute force attacks. If possible, consider replacing the affected mblog version with a patched or alternative version that addresses this issue, as no known countermeasures currently exist in the affected versions. [1, 2, 3]
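The following is an added example, not code from mblog or from this record, that puts the two previous answers into working form: a sliding-window limiter applied per client IP and per e-mail address to a hypothetical send_code handler (the mitigation), and a detector that replays access-log lines and flags sources that exceed the same limit against /email/send_code (the detection). The endpoint path is taken from the record; the handler shape, the combined-log format, the window and the thresholds are assumptions, and the log lines are constructed.

```python
"""Sliding-window limiting and log-replay detection for /email/send_code.
Added example; the handler, log format and thresholds are assumptions."""
from collections import defaultdict, deque
from datetime import datetime
import re

WINDOW_SECONDS = 600   # assumed policy: 10-minute window
MAX_PER_IP = 10        # assumed: at most 10 code requests per source IP per window
MAX_PER_EMAIL = 3      # assumed: at most 3 codes per address per window


class SlidingWindowLimiter:
    """Keeps request timestamps per key; rejects once a key exceeds its cap."""

    def __init__(self, window, limit):
        self.window = window
        self.limit = limit
        self.hits = defaultdict(deque)

    def allow(self, key, now):
        q = self.hits[key]
        while q and now - q[0] >= self.window:   # expire old timestamps
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


class SendCodeEndpoint:
    """Hypothetical /email/send_code handler with per-IP and per-email limits."""

    def __init__(self):
        self.by_ip = SlidingWindowLimiter(WINDOW_SECONDS, MAX_PER_IP)
        self.by_email = SlidingWindowLimiter(WINDOW_SECONDS, MAX_PER_EMAIL)
        self.sent = []   # constructed stand-in for the outgoing mail queue

    def handle(self, client_ip, email, now):
        # IP cap stops one source from spraying many addresses; the address cap
        # stops one account from being flooded from many sources. The reply is
        # identical whether or not the address is registered, so the endpoint
        # no longer confirms which e-mails exist (the CWE-307 enumeration path).
        if not self.by_ip.allow(client_ip, now) or not self.by_email.allow(email, now):
            return 429, "too many requests"
        self.sent.append(email)
        return 200, "if the address is registered, a code has been sent"


# Detection side: replay combined-format log lines through the same limiter.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)


def find_bursts(log_text, window=WINDOW_SECONDS, limit=MAX_PER_IP):
    """Return {ip: number of send_code requests beyond the per-window limit}."""
    limiter = SlidingWindowLimiter(window, limit)
    over = defaultdict(int)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["path"] != "/email/send_code" or m["method"] != "POST":
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z").timestamp()
        if not limiter.allow(m["ip"], ts):
            over[m["ip"]] += 1
    return dict(over)


def _log_line(ip, second, path="/email/send_code", method="POST"):
    """Constructed log line in Apache/Nginx combined style (sample data)."""
    return f'{ip} - - [13/Aug/2025:10:00:{second:02d} +0000] "{method} {path} HTTP/1.1" 200'


# Constructed sample: one source fires 12 requests in 12 seconds, another
# makes two ordinary requests plus an unrelated page load.
SAMPLE_LOG = "\n".join(
    [_log_line("203.0.113.5", s) for s in range(12)]
    + [_log_line("198.51.100.7", s) for s in (5, 40)]
    + [_log_line("198.51.100.7", 50, path="/index", method="GET")]
)

if __name__ == "__main__":
    print("bursting sources:", find_bursts(SAMPLE_LOG))
    ep = SendCodeEndpoint()
    for i in range(12):
        print(i, ep.handle("203.0.113.5", f"user{i}@example.com", 1000 + i))
```

The limiter keys are deliberately independent: a per-IP cap alone is bypassed by spreading requests across sources, and a per-address cap alone still lets one source probe many addresses, so both are applied before any mail is queued. The replay detector reuses the enforcement logic, which keeps the alert threshold and the production policy from drifting apart.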