CVE-2025-68932
Unknown Unknown - Not Provided
Predictable Token Vulnerability in FreshRSS Enables Account Takeover

Publication date: 2025-12-27

Last updated on: 2025-12-27

Assigner: GitHub, Inc.

Description
FreshRSS is a free, self-hostable RSS aggregator. Prior to version 1.28.0, FreshRSS uses cryptographically weak random number generators (mt_rand() and uniqid()) to generate remember-me authentication tokens and challenge-response nonces. This allows attackers to predict valid session tokens, leading to account takeover through persistent session hijacking. The remember-me tokens provide permanent authentication and are the sole credential for "keep me logged in" functionality. This issue has been patched in version 1.28.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-27
Last Modified
2025-12-27
Generated
2026-06-16
AI Q&A
2025-12-27
EPSS Evaluated
2026-06-15
NVD
CVE-2025-68932
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
freshrss freshrss *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-338 The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG's algorithm is not cryptographically strong.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in FreshRSS prior to version 1.28.0 involves the use of weak random number generators (mt_rand() and uniqid()) to create remember-me authentication tokens and challenge-response nonces. Because these tokens are predictable, attackers can guess valid session tokens and hijack user sessions, leading to account takeover. The remember-me tokens allow permanent authentication for the "keep me logged in" feature, making this vulnerability critical for persistent session hijacking.

Impact Analysis

An attacker exploiting this vulnerability can predict authentication tokens and hijack user sessions, resulting in unauthorized access to user accounts. This can lead to account takeover, compromising user data and potentially allowing the attacker to perform actions on behalf of the user without their consent.

Mitigation Strategies

Upgrade FreshRSS to version 1.28.0 or later, as this version patches the vulnerability related to weak random number generators used for authentication tokens. Until the upgrade, consider disabling the 'remember me' or 'keep me logged in' functionality to reduce risk.

Detection Guidance

This vulnerability can be detected by checking if your FreshRSS installation is running a version prior to 1.28.0, as versions up to 1.27.1 use weak token generation methods involving mt_rand() and uniqid(). To detect exploitation attempts or presence of predictable tokens, you can monitor HTTP requests for the FreshRSS_login cookie and analyze token patterns. A practical approach involves capturing the 'FreshRSS_login' cookie from login requests and comparing tokens against those generated by a script mimicking the vulnerable token generation (using mt_rand() and uniqid()). There is no direct built-in command, but you can use network capture tools like tcpdump or Wireshark to capture HTTP traffic and extract cookies. For example, using tcpdump to capture HTTP traffic on port 80: `tcpdump -i any -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep 'Cookie: FreshRSS_login'`. Additionally, you can write or use existing PHP scripts that replicate the vulnerable token generation to predict tokens and test authentication attempts. Monitoring token files in `DATA_PATH/tokens/` for unusual access patterns or brute-force attempts may also help detect exploitation. Ultimately, upgrading to FreshRSS 1.28.0 or later is the recommended mitigation. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68932. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart