CVE-2025-65276
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-26

Last updated on: 2025-12-01

Assigner: MITRE

Description
An unauthenticated administrative access vulnerability exists in the open-source HashTech project (https://github.com/henzljw/hashtech) 1.0 thru commit 5919decaff2681dc250e934814fc3a35f6093ee5 (2021-07-02). Due to missing authentication checks on /admin_index.php, an attacker can directly access the admin dashboard without valid credentials. This allows full administrative control including viewing/modifying user accounts, managing orders, changing payments, and editing product listings. Successful exploitation can lead to information disclosure, data manipulation, and privilege escalation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-26
Last Modified
2025-12-01
Generated
2026-06-16
AI Q&A
2025-11-26
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65276
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
henzljw hashtech *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an unauthenticated administrative access issue in the open-source HashTech project versions 1.0 through a specific commit in 2021. Due to missing authentication checks on the /admin_index.php page, an attacker can access the admin dashboard without valid credentials, gaining full administrative control.

Impact Analysis

The vulnerability allows an attacker to view and modify user accounts, manage orders, change payments, and edit product listings. This can lead to information disclosure, data manipulation, and privilege escalation, severely impacting the security and integrity of the system.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65276. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart