Vulnerability Description
reNgine is an automated reconnaissance framework for web applications. A vulnerability was discovered in reNgine, where **an insider attacker with any role** (such as Auditor, Penetration Tester, or Sys Admin) **can extract sensitive information from other reNgine users.** After running a scan and obtaining vulnerabilities from a target, the attacker can retrieve details such as `username`, `password`, `email`, `role`, `first name`, `last name`, `status`, and `activity information` by making a GET request to `/api/listVulnerability/`. This issue has been addressed in version 2.2.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Yogeshojha | Rengine | < 2.2.0 |
Related Weaknesses (CWE)
References
- https://github.com/yogeshojha/rengine/commit/a658b8519f1a3347634b04733cf91ed933aPatch
- https://github.com/yogeshojha/rengine/security/advisories/GHSA-r3fp-xr9f-wv38ExploitVendor Advisory
FAQ
What is CVE-2025-24899?
CVE-2025-24899 is a vulnerability with a CVSS score of 7.5 (HIGH). reNgine is an automated reconnaissance framework for web applications. A vulnerability was discovered in reNgine, where **an insider attacker with any role** (such as Auditor, Penetration Tester, or S...
How severe is CVE-2025-24899?
CVE-2025-24899 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-24899?
Check the references section above for vendor advisories and patch information. Affected products include: Yogeshojha Rengine.