Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Lifecycle Timeline
4DescriptionCVE.org
Raytha CMS does not have any brute force protection mechanism implemented. It allows an attacker to send multiple automated logon requests without triggering lockout, throttling, or step-up challenges.
This issue was fixed in version 1.4.6.
AnalysisAI
Raytha CMS lacks brute force protection mechanisms, allowing attackers to conduct unlimited automated login attempts without triggering account lockout, rate limiting, or multi-factor authentication challenges. Versions prior to 1.4.6 are affected, and an attacker can systematically enumerate valid usernames and crack passwords through high-volume credential stuffing attacks. The vulnerability represents a significant authentication bypass risk that could lead to unauthorized administrative access depending on password strength and user enumeration feasibility.
Technical ContextAI
This vulnerability falls under CWE-307 (Improper Restriction of Rendered UI Layers or Frames), which encompasses authentication control weaknesses including the absence of brute force protections. Raytha CMS, a content management system, implements user authentication without implementing industry-standard defensive measures such as account lockout after failed attempts, exponential backoff delays, CAPTCHA challenges, or IP-based rate limiting. The root cause is insufficient input validation and state management in the authentication handler, allowing the application to process unlimited login requests in rapid succession without any throttling mechanism or consecutive failure tracking per user account or source IP.
RemediationAI
Upgrade Raytha CMS to version 1.4.6 or later immediately, as this version includes implemented brute force protection. Prior to patching, implement compensating controls: enforce account lockout policies at the application or reverse proxy level using tools like ModSecurity or Fail2ban to block IPs after five failed login attempts within a 15-minute window, enable MFA for all administrative accounts to reduce the impact of credential compromise, implement rate limiting at the reverse proxy level (e.g., 5 requests per minute per IP), and monitor authentication logs for suspicious patterns. If an on-premises deployment, restrict administrative access to known IP ranges via firewall rules and consider implementing a WAF with built-in brute force detection rules.
SQL injection in Raytha CMS 1.5.2 lets a remote, unauthenticated attacker inject arbitrary SQL through the OData filter
A code injection vulnerability in Raytha CMS's Functions module allows privileged users to execute arbitrary .NET operat
A host header injection vulnerability in Raytha CMS allows attackers to hijack password reset tokens by spoofing X-Forwa
Raytha CMS contains a user enumeration vulnerability in its password reset functionality where differing error messages
Raytha CMS contains a Cross-Site Request Forgery (CSRF) vulnerability across multiple endpoints that fails to enforce to
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the profile editing functionality, specifically
Raytha CMS contains a Reflected Cross-Site Scripting (XSS) vulnerability in the logon functionality's returnUrl paramete
Raytha CMS contains a reflected cross-site scripting (XSS) vulnerability in the backToListUrl parameter that allows unau
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the page creation functionality through the Fie
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the post editing functionality, specifically wi
Raytha CMS contains a Server-Side Request Forgery (SSRF) vulnerability in its Theme Import from URL feature that allows
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-208717