CVE-2025-3177

EUVD-2025-15075
A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key
 . The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
fastcms_projectfastcms
0.1.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/chujianxin0101/vuln/issues/2
https://vuldb.com/?ctiid.303136
https://vuldb.com/?id.303136
https://vuldb.com/?submit.543673
https://github.com/chujianxin0101/vuln/issues/2