CISA KEV 정보
| 취약점명 | Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability |
|---|---|
| 설명 | Kentico Xperience CMS contains an authentication bypass using an alternate path or channel vulnerability that could allow an attacker to control administrative objects. |
| 조치사항 | Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. |
| 랜섬웨어 캠페인 악용 | Unknown |
| CWE | CWE-288 |
| 등록일 (KEV) | 2025-10-20 |
| 조치 기한 | 2025-11-10 |
| 추가 참고 | https://devnet.kentico.com/download/hotfixes ; https://nvd.nist.gov/vuln/detail/CVE-2025-2746 |
NVD 상세 정보
CVSS v3.1: 9.8 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H설명: An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through 13.0.172.
CWE: CWE-288
참조
- https://devnet.kentico.com/download/hotfixes [Patch]
- https://github.com/watchtowrlabs/kentico-xperience13-AuthBypass-wt-2025-0011 [Third Party Advisory]
- https://labs.watchtowr.com/bypassing-authentication-like-its-the-90s-pre-auth-rce-chain-s-in-kentico-xperience-cms/ [Exploit, Third Party Advisory]
- https://www.vulncheck.com/advisories/kentico-xperience-staging-sync-server-digest-password-authentication-bypass [Third Party Advisory]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-2746 [US Government Resource]
This product uses the NVD API but is not endorsed or certified by the NVD.