CVE-2025-69929
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-29

Last updated on: 2026-02-27

Assigner: MITRE

Description
An issue in N3uron Web User Interface v.1.21.7-240207.1047 allows a remote attacker to escalate privileges via the password hashing on the client side using the MD5 algorithm over a predictable string format
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-29
Last Modified
2026-02-27
Generated
2026-06-16
AI Q&A
2026-01-29
EPSS Evaluated
2026-06-15
NVD
CVE-2025-69929
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
n3uron web_user_interface 1.21.13-250422.0858
n3uron web_user_interface 1.21.6-230825.1720
n3uron web_user_interface 1.21.7-240207.1047
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-69929 is a critical privilege escalation vulnerability in the N3uron Web User Interface. It allows a low-privileged authenticated user to access sensitive information, including password hashes of all registered users. The vulnerability arises from multiple insecure design flaws: excessive data exposure via WebSocket communications, lack of proper authorization checks on sensitive configuration endpoints, and the use of client-side password hashing with the weak MD5 algorithm applied to a predictable string format ('n3@' + password + '@'). The hashing logic is exposed in client-side JavaScript, making offline password cracking easier. An attacker can collect password hashes of higher-privileged users and perform offline cracking to escalate privileges within the application and potentially move laterally to other systems. [1]

Impact Analysis

This vulnerability can allow an attacker with low privileges to obtain password hashes of all users, including high-privileged ones, by exploiting exposed endpoints and weak client-side hashing. The attacker can then perform offline cracking of these hashes to gain higher privileges within the N3uron application. This can lead to unauthorized access to sensitive information, privilege escalation, and lateral movement to other systems by reusing compromised credentials. [1]

Detection Guidance

This vulnerability can be detected by monitoring WebSocket communications for excessive data exposure, especially requests to the Config - Roles - Users/Groups endpoint that return password hashes. Additionally, inspecting client-side JavaScript (/app/app.js) for the presence of MD5 hashing applied to the predictable string format "n3@" + password + "@" can indicate vulnerability. Commands to detect this may include using WebSocket inspection tools or intercepting traffic with tools like Wireshark or Burp Suite to analyze WebSocket responses for user enumeration and password hashes. Also, reviewing the client-side JavaScript files for the hashing logic can be done with commands like `grep -i md5 /path/to/app.js` or similar. [1]

Mitigation Strategies

Immediate mitigation steps include restricting access to the Config - Roles - Users/Groups endpoint by implementing proper authorization checks to prevent unauthorized enumeration of users and password hashes. Disable or replace client-side password hashing using MD5 with a more secure server-side hashing mechanism using a strong algorithm and salt. Additionally, monitor and limit WebSocket communications to avoid excessive data exposure. Applying patches or updates from the vendor when available is also recommended. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-69929. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart