CVE-2025-68113
Unknown Unknown - Not Provided
HMAC Binding Flaw in ALTCHA Enables Challenge Replay Attacks

Publication date: 2025-12-16

Last updated on: 2025-12-16

Assigner: GitHub, Inc.

Description
ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to reinterpret a valid proof-of-work submission with a modified expiration value. This may allow previously solved challenges to be reused beyond their intended lifetime, depending on server-side replay handling and deployment assumptions. The vulnerability primarily impacts abuse-prevention mechanisms such as rate limiting and bot mitigation. It does not directly affect data confidentiality or integrity. This issue has been addressed by enforcing explicit semantic separation between challenge parameters and the nonce during HMAC computation. Users are advised to upgrade to patched versions, which include version 1.0.0 of the altcha Golang package, version 1.0.0 of the altcha Rubygem, version 1.0.0 of the altcha pip package, version 1.0.0 of the altcha Erlang package, version 1.4.1 of the altcha-lib npm package, version 1.3.1 of the altcha-org/altcha Composer package, and version 1.3.0 of the org.altcha:altcha Maven package. As a mitigation, implementations may append a delimiter to the end of the `salt` value prior to HMAC computation (for example, `<salt>?expires=<time>&`). This prevents ambiguity between parameters and the nonce and is backward-compatible with existing implementations, as the delimiter is treated as a standard URL parameter separator.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-16
Generated
2026-06-16
AI Q&A
2025-12-16
EPSS Evaluated
2026-06-15
NVD
CVE-2025-68113
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
altcha altcha 1.0.0
altcha altcha 1.3.1
altcha altcha 1.4.1
altcha altcha 1.3.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.
CWE-115 The product misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-68113 is a cryptographic semantic binding flaw in the ALTCHA libraries used for captcha and bot protection. The vulnerability arises because the HMAC signature does not clearly bind the challenge parameters to the nonce, allowing an attacker to splice challenge payloads. This means an attacker can take a valid proof-of-work submission and modify its expiration value, enabling replay attacks where previously solved challenges are reused beyond their intended lifetime. This flaw primarily affects abuse-prevention mechanisms like rate limiting and bot mitigation but does not directly compromise data confidentiality or integrity. The issue is fixed by enforcing explicit separation between challenge parameters and the nonce during HMAC computation, typically by appending a delimiter (such as an ampersand '&') to the salt value to prevent ambiguity and parameter splicing. [5]

Impact Analysis

This vulnerability can impact you by allowing attackers to bypass abuse-prevention controls such as rate limiting and bot mitigation. Specifically, attackers can replay previously solved challenges by modifying the expiration value, effectively reusing valid proof-of-work submissions beyond their intended lifetime. This can lead to increased automated abuse or bot activity on your systems that rely on ALTCHA for protection. However, it does not directly affect the confidentiality or integrity of your data but compromises the integrity of the proof-of-work validation process. [5]

Detection Guidance

Detection of this vulnerability involves checking for replay attacks where previously solved challenges are reused beyond their intended lifetime due to improper binding of challenge parameters to the nonce. Since the vulnerability is related to cryptographic parameter splicing in the salt value, one practical approach is to monitor for repeated or replayed proof-of-work submissions with modified expiration values. Specific commands are not provided in the resources, but detection could involve logging and analyzing challenge payloads for reused or manipulated salt parameters, especially those lacking the proper delimiter ("&") at the end. Additionally, verifying the version of the altcha libraries in use can help detect vulnerable deployments by checking if the versions are prior to the patched releases (e.g., altcha-lib npm < 1.4.1, altcha-lib-java < 1.3.0, altcha-lib-php < 1.3.1, altcha Golang package < 1.0.0). [5]

Mitigation Strategies

Immediate mitigation steps include upgrading all affected altcha libraries to the patched versions that address CVE-2025-68113. These versions include altcha Golang package 1.0.0, altcha Rubygem 1.0.0, altcha pip package 1.0.0, altcha Erlang package 1.0.0, altcha-lib npm package 1.4.1, altcha-org/altcha Composer package 1.3.1, and org.altcha:altcha Maven package 1.3.0. If upgrading immediately is not possible, a recommended workaround is to append a delimiter character (such as an ampersand '&') to the end of the salt value before HMAC computation (e.g., "<salt>?expires=<time>&"). This prevents ambiguity between challenge parameters and the nonce, blocking parameter splicing attacks. The fix involves ensuring the salt string ends with an ampersand to separate parameters properly, as implemented in multiple language libraries. Additionally, applying patches that enforce this delimiter and adding tests to reject tampered salts will mitigate the risk of replay attacks exploiting this vulnerability. [5, 2, 3, 4, 6, 7, 8, 9, 10]

Compliance Impact

The vulnerability primarily impacts abuse-prevention mechanisms such as rate limiting and bot mitigation by allowing replay attacks through challenge payload splicing. It does not directly affect data confidentiality or integrity. Therefore, it does not directly compromise personal data protection or violate data privacy regulations like GDPR or HIPAA. However, because it may allow bypassing abuse-prevention controls, organizations relying on ALTCHA for security may face increased risk of automated abuse or denial of service, which could indirectly affect compliance if such abuse leads to unauthorized access or service disruption. Users are advised to upgrade to patched versions to mitigate these risks. [5]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68113. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart