CVE-2025-66910 — MEDIUM (6.0)

Vulnerability Description

Turms Server v0.10.0-SNAPSHOT and earlier contains a plaintext password storage vulnerability in the administrator authentication system. The BaseAdminService class caches administrator passwords in plaintext within AdminInfo objects to optimize authentication performance. Upon successful login, raw passwords are stored unencrypted in memory in the rawPassword field. Attackers with local system access can extract these passwords through memory dumps, heap analysis, or debugger attachment, bypassing bcrypt protection.

CVSS Score

6.0

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Turms-Im	Turms	0.10.0-snapshot

Related Weaknesses (CWE)

CWE-532 CWE-256

References

https://github.com/Xzzz111/public_cve_report/blob/main/CVE-2025-66910_report.mdExploitThird Party Advisory
https://github.com/turms-im/turmsProduct
https://github.com/turms-im/turms/blob/develop/turms-server-common/src/main/javaProduct
https://github.com/turms-im/turms/blob/develop/turms-server-common/src/main/javaProduct

FAQ

What is CVE-2025-66910?

CVE-2025-66910 is a vulnerability with a CVSS score of 6.0 (MEDIUM). Turms Server v0.10.0-SNAPSHOT and earlier contains a plaintext password storage vulnerability in the administrator authentication system. The BaseAdminService class caches administrator passwords in p...

How severe is CVE-2025-66910?

CVE-2025-66910 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-66910?

Check the references section above for vendor advisories and patch information. Affected products include: Turms-Im Turms.