CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions. In versions 6.06 through 6.16, the random_string function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes by concatenating a SHA-1 hash seeded with the built-in rand() function, the PID, and the high resolution epoch time. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. Before version 6.06, there was no fallback when /dev/urandom was not available. Before version 6.04, the random_string function used the built-in rand() function to generate a mixed-case alphanumeric string. This function may be used for generating session ids, generating secrets for signing or encrypting cookie session data and generating tokens used for Cross Site Request Forgery (CSRF) protection.
Analysis
Amon2 for Perl versions before 6.17 use cryptographically weak random number generation for security-critical functions including session IDs, cookie signing secrets, and CSRF tokens. Versions 6.06-6.16 fall back to SHA-1 hashes seeded with predictable inputs (process ID from a small set, guessable epoch time, and the unsuitable built-in rand() function) when /dev/urandom is unavailable; versions before 6.06 relied entirely on built-in rand(). No CVSS vector or EPSS data is available, and no public exploit code or active exploitation has been confirmed, but the weakness directly undermines session security and CSRF protection in affected applications.
Technical Context
Amon2 is a Perl web application framework (CPE: cpe:2.3:a:tokuhirom:amon2:*:*:*:*:*:*:*:*) that implements the random_string function to generate cryptographic material for web session management and token generation. The vulnerability falls under CWE-340 (Generation of Predictable Numbers or Identifiers from a Seed). In versions 6.06-6.16, the function attempts to read from /dev/urandom but falls back to concatenating a SHA-1 hash derived from three inputs: Perl's built-in rand() function (which is a pseudorandom number generator unsuitable for cryptographic use), the process identifier (constrained to a small numeric range), and high-resolution epoch time (often visible in HTTP Date headers or otherwise guessable within a narrow window). Versions before 6.06 had no fallback mechanism; versions before 6.04 used only the built-in rand() function directly. The random_string output is used for session ID generation, deriving secrets for cookie encryption/signing, and generating CSRF protection tokens, all security-critical functions where predictability directly compromises application security.
Affected Products
Amon2 for Perl, versions before 6.17, are affected. Versions 6.06 through 6.16 exhibit the most severe weakness due to the predictable fallback mechanism; versions before 6.06 lacked a fallback entirely; and versions before 6.04 used only built-in rand(). The affected product is identified by CPE cpe:2.3:a:tokuhirom:amon2:*:*:*:*:*:*:*:* and is available on CPAN (Comprehensive Perl Archive Network). See https://metacpan.org/release/TOKUHIROM/Amon2-6.17 for release details and the change history at https://metacpan.org/release/TOKUHIROM/Amon2-6.17/changes.
Remediation
Upgrade Amon2 to version 6.17 or later, which replaces the weak random_string implementation with cryptographically secure random number generation. The fix is documented in the diff at https://metacpan.org/release/TOKUHIROM/Amon2-6.17/diff/TOKUHIROM/Amon2-6.16#lib/Amon2/Util.pm and was implemented via pull request https://github.com/tokuhirom/Amon/pull/135. No workaround is available for versions prior to 6.17; patching is the only remediation. Administrators should audit applications using affected Amon2 versions to identify all session IDs, CSRF tokens, and cookie signing secrets generated during the vulnerable period and consider invalidating them or implementing additional integrity checks. For guidance on secure random data generation in Perl, refer to https://security.metacpan.org/docs/guides/random-data-for-security.html.
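An added example in Perl for the audit step above, not code from Amon2 or from the 6.17 fix: it maps a version to the ranges this advisory describes, reports whether /dev/urandom is readable (the condition that triggers the weak path in 6.06 through 6.16), and shows a token helper that fails closed instead of falling back. The names classify_amon2 and secure_token_hex are hypothetical, and the sample versions are constructed.

```perl
#!/usr/bin/env perl
use strict;
use warnings;
use version;

# Version ranges exactly as stated in the advisory text.
sub classify_amon2 {
    my ($installed) = @_;
    my $v = version->parse($installed);
    return 'not affected (6.17 or later)' if $v >= version->parse('6.17');
    return 'affected: predictable SHA-1 fallback if /dev/urandom is unavailable'
        if $v >= version->parse('6.06');
    return 'affected: /dev/urandom only, no fallback'
        if $v >= version->parse('6.04');
    return 'affected: tokens come from built-in rand()';
}

# Hypothetical helper: hex token from the kernel CSPRNG. It dies rather than
# substituting rand(), PID or time when the device cannot be read.
sub secure_token_hex {
    my ($nbytes) = @_;
    open my $fh, '<:raw', '/dev/urandom'
        or die "CSPRNG unavailable, refusing to fall back to rand(): $!\n";
    my $buf = '';
    while (length($buf) < $nbytes) {
        # sysread appends at the given offset; undef or 0 means failure/EOF.
        my $got = sysread($fh, $buf, $nbytes - length($buf), length($buf));
        die "read from /dev/urandom failed: $!\n" unless $got;
    }
    close $fh;
    return unpack 'H*', $buf;
}

# Constructed sample versions, one per range in the advisory.
printf "%-5s %s\n", $_, classify_amon2($_) for qw(6.03 6.05 6.16 6.17);

# Report the locally installed version, if Amon2 is present at all.
if (eval { require Amon2; 1 }) {
    printf "installed Amon2 %s: %s\n",
        Amon2->VERSION, classify_amon2(Amon2->VERSION);
}

# The runtime condition that decides which code path 6.06-6.16 takes.
print "/dev/urandom readable: ", (-r '/dev/urandom' ? "yes" : "NO"), "\n";
print "sample 16-byte token: ", secure_token_hex(16), "\n";
```

Run it inside the same environment as the application (container, chroot or jail), since that is where /dev/urandom may be missing.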
EUVD-2025-209114
GHSA-7r2j-hgh9-jqqx