CVE-2025-54875
BaseFortify
Publication date: 2025-09-29
Last updated on: 2025-10-03
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| freshrss | freshrss | From 1.16.0 (inc) to 1.27.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| NVD-CWE-noinfo | Insufficient information (NVD placeholder; no specific CWE assigned). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in FreshRSS versions 1.16.0 through 1.26.3 allows an unprivileged attacker to create a new admin user when registration is enabled. The attacker exploits a hidden field called new_user_is_admin, which is intended for use only in the user management admin page. This flaw enables unauthorized privilege escalation to admin rights. The issue is fixed in version 1.27.0.
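The mechanism described above is a classic mass-assignment flaw: a privilege flag that only the admin user-management form should carry is honoured on the public registration form too. The PHP below is an added illustration written for this page, not FreshRSS code; the function names, the $caller array and the constructed request are assumptions. It shows the vulnerable pattern next to the hardened one, where the privilege level is derived from who is making the request rather than from any submitted field.

```php
<?php
// Added example (not FreshRSS code). Hypothetical registration handlers
// showing the mass-assignment pattern behind CVE-2025-54875 and its fix.
// register_user_vulnerable, register_user_fixed and $caller are assumed names.

function register_user_vulnerable(array $post): array {
    // Flaw: the admin flag is read straight from the request body. The field
    // is "hidden" only in the sense that the public form does not render it;
    // any client can still submit it.
    $isAdmin = isset($post['new_user_is_admin']) && $post['new_user_is_admin'] === '1';
    return ['username' => (string) $post['username'], 'is_admin' => $isAdmin];
}

function register_user_fixed(array $post, ?array $caller): array {
    // Hardened: self-registration ($caller === null) always yields a regular
    // user. The new_user_is_admin field is only consulted when the request
    // comes from an authenticated administrator, i.e. the user-management page.
    $isAdmin = false;
    if ($caller !== null && ($caller['is_admin'] ?? false) === true) {
        $isAdmin = isset($post['new_user_is_admin']) && $post['new_user_is_admin'] === '1';
    }
    return ['username' => (string) $post['username'], 'is_admin' => $isAdmin];
}

// Constructed request: an unauthenticated visitor submits the public
// registration form with the extra field included.
$anonymousPost = ['username' => 'newuser', 'new_user_is_admin' => '1'];

// Vulnerable handler grants admin; fixed handler ignores the field for an
// anonymous caller and only honours it for an authenticated admin.
$vulnerable = register_user_vulnerable($anonymousPost);
$fixedAnon  = register_user_fixed($anonymousPost, null);
$fixedAdmin = register_user_fixed($anonymousPost, ['is_admin' => true]);

printf("vulnerable handler, anonymous caller : is_admin=%s\n", var_export($vulnerable['is_admin'], true));
printf("fixed handler, anonymous caller      : is_admin=%s\n", var_export($fixedAnon['is_admin'], true));
printf("fixed handler, admin caller          : is_admin=%s\n", var_export($fixedAdmin['is_admin'], true));
```

The design point is that authorization must be a property of the session performing the action, never of the form data; a defender reviewing a registration path should check that no role or privilege column is populated from user-controlled input without an explicit privilege check on the caller.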
How can this vulnerability impact me?
An attacker exploiting this vulnerability can gain administrative access to the FreshRSS instance without authorization. This can lead to full control over the application, including the ability to modify or delete data, change configurations, and potentially compromise the confidentiality, integrity, and availability of the system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade FreshRSS to version 1.27.0 or later where the issue is fixed. Additionally, if registration is enabled, consider disabling it temporarily until the upgrade is applied to prevent unprivileged users from creating new admin accounts.