CVE-2025-51540

Name of the Vulnerable Software and Affected Versions: EzGED3 versions 3.5.0 through 3.5.72.27183

Description: EzGED3 stores user passwords using an insecure hashing scheme: md5(md5(password)). This hashing method is cryptographically weak, allowing attackers to perform efficient offline brute-force attacks if password hashes are disclosed. The lack of salting and use of a fast, outdated algorithm makes it feasible to recover plaintext credentials using precomputed tables or GPU-based cracking tools.

Recommendations: Update EzGED3 to version 3.5.72.27183 or later.