CVE-2025-2746

nvd nist nuclei

Published: Mar 24, 2025Modified: Nov 6, 2025CISA KEV

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: disclosure@vulncheck.com (Secondary)

Description

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through 13.0.172.

Affected (1)

Products: Kentico: Xperience

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kentico Xperience	Up to 13.0.172

Related CWEs

Authentication Bypass Using an Alternate Path or Channel

A product requires authentication, but the product has an alternate path or channel that does not require authentication.

References (5)

https://devnet.kentico.com/download/hotfixes

Source: disclosure@vulncheck.com

Patch

https://github.com/watchtowrlabs/kentico-xperience13-AuthBypass-wt-2025-0011

Source: disclosure@vulncheck.com

Third Party Advisory

https://labs.watchtowr.com/bypassing-authentication-like-its-the-90s-pre-auth-rce-chain-s-in-kentico-xperience-cms/

Source: disclosure@vulncheck.com

ExploitThird Party Advisory

https://www.vulncheck.com/advisories/kentico-xperience-staging-sync-server-digest-password-authentication-bypass

Source: disclosure@vulncheck.com

Third Party Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-2746

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

Timeline

No history available yet.