CVE-2025-9239

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-9239

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-9239.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-9239

Published

2025-08-20T18:15:37.280Z

Modified

2025-11-17T02:52:30.651983Z

Severity

3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STR_PARAM with the input Passw0rd leads to inadequate encryption strength. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitation appears to be difficult.

References

Affected packages

Git / github.com/elunez/eladmin

Affected ranges

Type: GIT
Repo: https://github.com/elunez/eladmin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

39d480938d27a9630d632578c3ef60cf3647a79e

Affected versions

v2.*

v2.7