Platform: other
Component: flagforge
Fixed in: 2.0.1
CVE-2025-61777 is a critical authentication bypass vulnerability affecting FlagForge versions 2.0.0 through 2.3.1. An attacker can exploit this flaw to access and manipulate badge templates without proper authorization, leading to data exposure and potential database corruption. The vulnerability resides in the /api/admin/badge-templates endpoints and has been resolved in FlagForge version 2.3.2.
This vulnerability presents a significant risk to FlagForge deployments. An unauthenticated attacker can leverage the missing authentication checks on the /api/admin/badge-templates endpoints to retrieve all badge templates and their associated metadata, including createdBy, createdAt, and updatedAt. Beyond data exposure, an attacker could create arbitrary badge templates, potentially injecting malicious code or disrupting the CTF platform's functionality. The impact extends to the integrity and confidentiality of the CTF environment, potentially compromising the fairness and security of challenges. This is akin to a privilege escalation, granting an attacker administrative-level access to a critical component of the platform.
This vulnerability was publicly disclosed on 2025-10-06. There is no indication of this CVE being added to the CISA KEV catalog at this time. The lack of authentication on administrative endpoints is a common vulnerability pattern, and while no public proof-of-concept (PoC) has been observed, the ease of exploitation suggests a potential for active campaigns targeting FlagForge instances.
CTF platform administrators and users are at risk. Specifically, organizations hosting FlagForge instances, particularly those with publicly accessible administration interfaces, are vulnerable. Shared hosting environments running FlagForge are also at increased risk due to the potential for cross-tenant exploitation.
• linux / server: Monitor access logs for requests to /api/admin/badge-templates without authentication headers. Use journalctl to filter for FlagForge API requests and look for unauthorized access attempts.
    journalctl -u flagforge -g '/api/admin/badge-templates' -f | grep -i "401 Unauthorized" # Check for failed authentication attempts
• generic web: Use curl to attempt accessing the /api/admin/badge-templates endpoint without authentication headers and verify that access is denied after the fix.
    curl -I http://<flagforge_host>/api/admin/badge-templates
• database (mysql, postgresql): If database access is possible, query the badge_templates table for any unexpected or suspicious entries created after the vulnerability disclosure date.
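The log review described in the list above, as an added example that is not code from FlagForge or from the original advisory. It assumes a reverse proxy in front of FlagForge writes Combined Log Format lines and fills the user field for authenticated requests; the sample lines, IP addresses and the `/42` sub-path are constructed.

```python
import re
from collections import defaultdict

ADMIN_PATH = "/api/admin/badge-templates"  # endpoint named in the advisory
WRITE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}

# Combined Log Format: ip ident user [time] "METHOD path proto" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def triage(lines):
    """Count unauthenticated requests to the admin badge-template
    endpoints per client IP: successful reads, successful writes, denials."""
    hits = defaultdict(lambda: {"read": 0, "write": 0, "denied": 0})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # malformed or non-request line
        path = m["path"].split("?", 1)[0]  # ignore the query string
        if path != ADMIN_PATH and not path.startswith(ADMIN_PATH + "/"):
            continue  # different endpoint
        if m["user"] != "-":
            continue  # assumption: proxy logged an authenticated user
        status = int(m["status"])
        if status in (401, 403):
            hits[m["ip"]]["denied"] += 1  # expected on 2.3.2 and later
        elif 200 <= status < 300:
            kind = "write" if m["method"] in WRITE_METHODS else "read"
            hits[m["ip"]][kind] += 1  # served without authentication
    return dict(hits)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [06/Oct/2025:10:01:02 +0000] "GET /api/admin/badge-templates HTTP/1.1" 200 5120 "-" "curl/8.5.0"',
    '203.0.113.7 - - [06/Oct/2025:10:01:09 +0000] "POST /api/admin/badge-templates HTTP/1.1" 201 310 "-" "curl/8.5.0"',
    '198.51.100.4 - admin [06/Oct/2025:10:02:00 +0000] "GET /api/admin/badge-templates?page=2 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.9 - - [07/Oct/2025:08:00:00 +0000] "GET /api/admin/badge-templates/42 HTTP/1.1" 401 12 "-" "curl/8.5.0"',
    '192.0.2.9 - - [07/Oct/2025:08:00:05 +0000] "GET /api/challenges HTTP/1.1" 200 900 "-" "curl/8.5.0"',
]

if __name__ == "__main__":
    for ip, counts in triage(SAMPLE).items():
        print(ip, counts)
```

Any non-zero `read` or `write` count means the endpoint answered a request that carried no authenticated user; `write` entries are the ones to compare against the badge_templates table.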
EPSS: 0.03% (7% percentile)
The primary mitigation is to immediately upgrade FlagForge to version 2.3.2 or later. If upgrading is not immediately feasible, consider implementing a temporary workaround by adding authentication checks to the /api/admin/badge-templates endpoints. This could involve implementing a basic authentication scheme or restricting access based on user roles. Review existing badge templates for any signs of unauthorized modification. Monitor access logs for suspicious activity targeting the /api/admin/badge-templates endpoints. After upgrading, confirm the fix by attempting to access the /api/admin/badge-templates endpoints without authentication and verifying that access is denied.
Upgrade FlagForge to version 2.3.2 or later. This version fixes the vulnerability that allows unauthenticated access to badge templates. The update requires authentication and authorization to access and modify the templates.
CVE-2025-61777 is a critical vulnerability in FlagForge versions 2.0.0 through 2.3.1 that allows attackers to access badge templates without authentication, potentially exposing sensitive data and enabling database manipulation.
If you are running FlagForge versions 2.0.0 through 2.3.1, you are vulnerable. Upgrade to version 2.3.2 or later to mitigate the risk.
The recommended fix is to upgrade to FlagForge version 2.3.2 or later. As a temporary workaround, implement authentication checks on the /api/admin/badge-templates endpoints.
While no active exploitation has been confirmed, the ease of exploitation suggests a potential for attacks. Continuous monitoring is recommended.
Refer to the official FlagForge security advisory for detailed information and updates: [https://flagforge.org/security/advisories](https://flagforge.org/security/advisories)