harry0703 MoneyPrinterTurbo API Endpoint base.py verify_token missing authentication_CVE-2025-7897

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X

Description

A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this issue is the function verify_token of the file app/controllers/base.py of the component API Endpoint. The manipulation leads to missing authentication. The attack may be launched remotely.

Basic Information

ID CVE-2025-7897

Source VulDB

Published Jul 20, 2025 at 15:02

Modified Jul 21, 2025 at 12:38

Affected Product

Vendor harry0703

Product MoneyPrinterTurbo

Version 1.2.0

Affected Versions harry0703 MoneyPrinterTurbo 1.2.0
harry0703 MoneyPrinterTurbo 1.2.1
harry0703 MoneyPrinterTurbo 1.2.2
harry0703 MoneyPrinterTurbo 1.2.3
harry0703 MoneyPrinterTurbo 1.2.4
harry0703 MoneyPrinterTurbo 1.2.5
harry0703 MoneyPrinterTurbo 1.2.6

CWE Classification

CWE-306 CWE-287

References

{
    "lastseen": "",
    "description": "A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this issue is the function verify_token of the file app/controllers/base.py of the component API Endpoint. The manipulation leads to missing authentication. The attack may be launched remotely.",
    "published": "2025-07-20T15:02:04.770Z",
    "modified": "2025-07-21T12:38:55.383Z",
    "type": "cve",
    "title": "harry0703 MoneyPrinterTurbo API Endpoint base.py verify_token missing authentication",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.317012\nhttps://vuldb.com/?ctiid.317012\nhttps://vuldb.com/?submit.609040",
    "id": "CVE-2025-7897",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306",
        "CWE-287"
    ],
    "cvelist": null,
    "sourceData": "harry0703 MoneyPrinterTurbo 1.2.0\nharry0703 MoneyPrinterTurbo 1.2.1\nharry0703 MoneyPrinterTurbo 1.2.2\nharry0703 MoneyPrinterTurbo 1.2.3\nharry0703 MoneyPrinterTurbo 1.2.4\nharry0703 MoneyPrinterTurbo 1.2.5\nharry0703 MoneyPrinterTurbo 1.2.6",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MoneyPrinterTurbo",
    "version": "1.2.0",
    "vendor": "harry0703",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}