Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
Trog::TOTP versions before 1.006 for Perl generate secrets using rand.
Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
AnalysisAI
Insufficient entropy in Trog::TOTP for Perl (versions before 1.006) allows remote attackers to predict TOTP secrets generated using Perl's built-in rand() function, undermining the security of two-factor authentication tokens issued by applications relying on this module. The flaw was reported by CPANSec and a fixed release (1.006) is available on CPAN. No public exploit identified at time of analysis, and the EPSS score is very low (0.02%).
Technical ContextAI
Trog::TOTP is a Perl module distributed via CPAN that implements the Time-Based One-Time Password (TOTP, RFC 6238) algorithm commonly used as a second factor in authentication systems. The root cause maps to CWE-331 (Insufficient Entropy): the module derived TOTP shared secrets via Perl's core rand() function, which is a pseudo-random number generator seeded from low-entropy sources and never intended for cryptographic use. Because TOTP security depends entirely on the secrecy and unpredictability of the shared seed, using a non-CSPRNG means an attacker who can observe or guess the PRNG state can reconstruct the secret and derive valid TOTP codes at any time. Cryptographically secure alternatives such as Crypt::URandom or /dev/urandom-backed sources should be used instead, as is done in the 1.006 release per the published diff on metacpan.org.
RemediationAI
Vendor-released patch: Trog::TOTP 1.006 - upgrade immediately via cpan, cpanm, or your distribution package manager (for example, cpanm Trog::TOTP@1.006), and review the upstream changelog at https://metacpan.org/release/TEODESIAN/Trog-TOTP-1.006/changes and code diff at https://metacpan.org/release/TEODESIAN/Trog-TOTP-1.006/diff/TEODESIAN/Trog-TOTP-1.005 to confirm the rand() call has been replaced with a CSPRNG. Because any TOTP secret generated by a vulnerable version is permanently weak, after upgrading you must rotate (regenerate and re-enroll) every TOTP secret previously issued by the module - patching alone does not retroactively strengthen existing secrets, and failing to rotate leaves accounts exposed even on a patched install. If immediate upgrade is impossible, the only meaningful compensating control is to stop issuing new TOTP secrets via this module (disable enrollment paths that depend on it) and require an alternate second-factor method such as WebAuthn or SMS fallback in the interim; restricting network access does not mitigate the underlying weak-entropy problem because the predictability lives in the generated secret itself.
Same weakness CWE-331 – Insufficient Entropy
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30577
GHSA-x5pc-h62r-4rgx