CVE-2025-65185
Unknown Unknown - Not Provided
Username Enumeration via OTP in Entrinsik Informer v

Publication date: 2025-12-17

Last updated on: 2025-12-17

Assigner: MITRE

Description
There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code and new password then reviewing application responses.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-17
Last Modified
2025-12-17
Generated
2026-06-16
AI Q&A
2025-12-17
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65185
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
entrinsik informer 5.10.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-203 The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-65185 is a username enumeration vulnerability in Entrinsik Informer version 5.10.1. It occurs in the 'Forgot Password' functionality, where an attacker can enter a username and observe different application responses depending on whether the username exists. For valid usernames, the application returns a 422 error indicating an incorrect code, while for invalid usernames, it returns a 404 error stating the user was not found. This discrepancy allows attackers to automate the discovery of valid usernames by analyzing these responses. [2]

Impact Analysis

This vulnerability allows attackers to identify valid usernames within the Entrinsik Informer application. Knowing valid usernames facilitates more targeted attacks such as password spraying and helps attackers map user roles within the environment, increasing the risk of unauthorized access and potential compromise of sensitive information. [2]

Detection Guidance

This vulnerability can be detected by sending POST requests to the /api/change-password endpoint with various usernames and analyzing the application's responses. For valid usernames, the response is a 422 Unprocessable Entity error indicating an incorrect code, while for invalid usernames, the response is a 404 Not Found error stating the user was not found. Tools like Burp Suite's intruder can automate this process to enumerate usernames based on these differing responses. [2]

Mitigation Strategies

Immediate mitigation steps include standardizing the application's responses so they do not reveal whether a username is valid. For example, always respond with a generic message such as 'An email has been sent with password reset instructions. If you do not receive an email within 5 minutes, please try again,' regardless of username validity. Additionally, login error messages should be generic like 'Invalid credentials,' and timing and response size differences should be minimized to prevent side-channel username enumeration. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65185. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart