CVE-2025-59745 | THREATINT

Description

Vulnerability in the cryptographic algorithm of AndSoft's e-TMS v25.03, which uses MD5 to encrypt passwords. MD5 is a cryptographically vulnerable hash algorithm and is no longer considered secure for storing or transmitting passwords. It is vulnerable to collision attacks and can be easily cracked with modern hardware, exposing user credentials to potential risks.

PUBLISHED Reserved 2025-09-19 | Published 2025-10-02 | Updated 2025-10-02 | Assigner INCIBE

MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

Product status

Default status

unaffected

v25.03 version

affected

Credits

Maximilian Hildebrand (m10x.de) finder

References

www.incibe.es/...025-multiple-vulnerabilities-andsofts-e-tms

cve.org (CVE-2025-59745)

nvd.nist.gov (CVE-2025-59745)

Download JSON