CVE-2025-48187

RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute-force attacks against email verification codes to perform arbitrary account registration, login, and password reset. Codes are six digits and there is no rate limiting.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/infiniflow/ragflow/commits/main/
https://www.cnblogs.com/qiushuo/p/18881084
https://www.cnblogs.com/qiushuo/p/18881084

Configurations

No configuration.

History

19 May 2025, 16:15

Type	Values Removed	Values Added
References	~~() https://www.cnblogs.com/qiushuo/p/18881084 -~~	() https://www.cnblogs.com/qiushuo/p/18881084 -

19 May 2025, 13:35

Type	Values Removed	Values Added
Summary		(es) RAGFlow, hasta la versión 0.18.1, permite el robo de cuentas, ya que es posible realizar ataques de fuerza bruta contra códigos de verificación de correo electrónico para realizar registros, inicios de sesión y restablecimientos de contraseña arbitrarios. Los códigos tienen seis dígitos y no tienen límite de velocidad.

17 May 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-17 13:15

Updated : 2025-05-19 16:15

NVD link : CVE-2025-48187

Mitre link : CVE-2025-48187

CVE.ORG link : CVE-2025-48187

JSON object : View

Products Affected

No product.

CWE

CWE-307

Improper Restriction of Excessive Authentication Attempts

9.1 /10