CVE-2025-25749

CVSS v3.1

7.1

High

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions: HotelDruid versions 3.0.7 and earlier

Description: The issue allows users to set weak passwords due to the lack of enforcement of password strength policies.

Recommendations: For HotelDruid versions 3.0.7 and earlier, consider implementing a custom password strength policy to enforce strong passwords until a patch is available. As a temporary workaround, restrict the ability of users to set weak passwords by configuring the system to require a minimum password length and complexity.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-521

Related Identifiers

CVE-2025-25749

Affected Products

Debian

Hoteldruid

CVE-2025-25749

Weakness Enumeration

Related Identifiers

Affected Products

References · 15