Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability is related to the authentication mechanism in FreshRSS, specifically in the edge branch versions between commits 57e1a37 and 00f2f04. Detection involves identifying if your FreshRSS installation is running a vulnerable edge branch version where password verification is done incorrectly by concatenating a SHA-256 nonce with part of a bcrypt hash.'}, {'type': 'paragraph', 'content': 'To detect this vulnerability on your system, you can check the version or commit of your FreshRSS installation. If it falls within the vulnerable commit range or is an edge branch version prior to the fix in 1.27.2-dev, it is vulnerable.'}, {'type': 'paragraph', 'content': 'Suggested commands to detect the vulnerable version or code presence include:'}, {'type': 'list_item', 'content': 'Check the FreshRSS version: `php freshrss.php --version` or check the version file if available.'}, {'type': 'list_item', 'content': 'Check the Git commit hash if installed from source: `git log -1 --oneline` inside the FreshRSS directory.'}, {'type': 'list_item', 'content': 'Search for the vulnerable code pattern in the authentication file: `grep -r "password_verify(\\$nonce . \\$hash" app/Models/FormAuth.php`'}, {'type': 'list_item', 'content': 'Monitor authentication logs for suspicious login successes with incorrect passwords, which may indicate exploitation attempts.'}] [2, 3]

Useful 0 Not Useful 0

Executive Summary

[{'type': 'paragraph', 'content': "CVE-2025-68402 is a critical authentication bypass vulnerability in FreshRSS, a self-hostable RSS aggregator. The issue arises from how the password verification process concatenates a SHA-256 nonce with part of a bcrypt hash and passes this combined string to PHP's password_verify() function instead of the raw user password."}, {'type': 'paragraph', 'content': 'Because bcrypt only processes the first 72 bytes of its input, and the SHA-256 nonce alone is 64 characters, concatenating the nonce and hash causes truncation. This truncation leads to password_verify() returning true even when an incorrect password is entered, allowing attackers to bypass authentication.'}, {'type': 'paragraph', 'content': 'The vulnerability was introduced in the edge branch between commits 57e1a37 and 00f2f04 and fixed by reversing the order of concatenation between the hash and nonce in both server and client code, ensuring proper password verification.'}] [1, 2, 3]

Useful 0 Not Useful 0

Impact Analysis

This vulnerability allows an attacker to bypass authentication in FreshRSS by entering any password, effectively gaining unauthorized access to user accounts.

Such unauthorized access can lead to exposure of private RSS feeds, manipulation of user data, and potential further exploitation within the system.

Since the issue affects only the edge branch and never stable releases, users running development versions are at risk until they apply the patch.

Useful 0 Not Useful 0

Compliance Impact

I don't know

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to update FreshRSS to a fixed version where this vulnerability is resolved. The fix is included starting from version 1.27.2-dev (commit 476e57b) and officially in version 1.28.0.

If updating immediately is not possible, consider restricting access to the vulnerable FreshRSS instance to trusted users only, and monitor authentication attempts closely.

Specifically, the fix involves reversing the order of concatenation between the bcrypt hash and the nonce in both server-side PHP and client-side JavaScript code to ensure proper password verification.

Additional security improvements in the fixed release include moving unsafe autologin functionality to an extension, fixing CSRF vulnerabilities, and improving authentication logic.

• Update FreshRSS to version 1.28.0 or later.
• Apply the patch from commit 476e57b if you maintain a custom build.
• Restrict access to the application until the update is applied.
• Monitor logs for unusual authentication activity.

Useful 0 Not Useful 0