Arbitrary account takeover in NodeBB
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2022-36045 |
| CWE-ID | CWE-338 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
NodeBB Web applications / Forum & blogging software |
| Vendor | NodeBB |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
EUVDB-ID: #VU66746
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-36045
CWE-ID:
CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected application.
The vulnerability exists due to usage of weak pseudo-random number generator within the utils.generateUUID function. A remote attacker can use multiple invocations of the password reset functionality to correctly calculate the reset code and take over an arbitrary account on the website.
Install updates from vendor's website.
Vulnerable software versionsNodeBB: 1.0.0 - 2.0.0
External linkshttp://github.com/NodeBB/NodeBB/security/advisories/GHSA-p4cc-w597-6cpm
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
