Description
Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now().UnixNano() to generate critical security secrets, including the secret_key, and hash_id_salt. These secrets are generated upon first startup and persisted in the database. An attacker can exploit this by obtaining the administrator's account creation time (via public API endpoints) to narrow the search window for the PRNG seed, and use known hashid to validate the seed. By brute-forcing the seed (demonstrated to take <3 hours on general consumer PC), an attacker can predict the secret_key. This allows them to forge valid JSON Web Tokens (JWTs) for any user, including administrators, leading to full account takeover and privilege escalation. This issue has been patched in version 4.13.0.
Published: 2026-04-03
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Full Account Takeover via forged JWTs
Action: Apply Patch
AI Analysis

Impact

Cloudreve, a self‑hosted file‑management platform, uses the standard math/rand pseudo‑random number generator seeded with the system time to create critical security secrets such as the secret_key and hash_id_salt. Because the seed is predictable, an attacker who can determine the administrator’s account creation time—exposed through public API endpoints—can narrow the search for the PRNG seed. By brute‑forcing this seed, the attacker can recover the secret_key, enabling the creation of valid JSON Web Tokens (JWTs) for any user, including administrators. This results in complete account takeover and privilege escalation.

Affected Systems

Any installation of Cloudreve prior to version 4.13.0 is affected. The vulnerability exists in the default self‑hosted distribution and applies to all products listed under the Cloudreve vendor/product name.

Risk and Exploitability

The CVSS score of 8.1 indicates high severity, and the EPSS score of less than 1% does not negate the practical exploitability demonstrated to require under three hours on a general consumer PC. The vulnerability is not listed in KEV, but the attack vector is remote via exposed APIs, requiring no local access. Given the severity, the likelihood of exploitation is significant for active users running vulnerable versions.

Generated by OpenCVE AI on April 13, 2026 at 19:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Cloudreve to version 4.13.0 or later to eliminate the weak PRNG usage and enforce random secret generation.

Generated by OpenCVE AI on April 13, 2026 at 19:27 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-f8xp-wvcx-p6f4 Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding)
History

Mon, 13 Apr 2026 18:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:cloudreve:cloudreve:*:*:*:*:*:*:*:*

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
First Time appeared Cloudreve
Cloudreve cloudreve
Vendors & Products Cloudreve
Cloudreve cloudreve

Sat, 04 Apr 2026 05:00:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 03 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Description Cloudreve is a self-hosted file management and sharing system. Prior to version 4.13.0, the application uses the weak pseudo-random number generator math/rand seeded with time.Now().UnixNano() to generate critical security secrets, including the secret_key, and hash_id_salt. These secrets are generated upon first startup and persisted in the database. An attacker can exploit this by obtaining the administrator's account creation time (via public API endpoints) to narrow the search window for the PRNG seed, and use known hashid to validate the seed. By brute-forcing the seed (demonstrated to take <3 hours on general consumer PC), an attacker can predict the secret_key. This allows them to forge valid JSON Web Tokens (JWTs) for any user, including administrators, leading to full account takeover and privilege escalation. This issue has been patched in version 4.13.0.
Title Cloudreve is vulnerable to Account Takeover via Weak Cryptographic Token Generation (Insecure PRNG Seeding)
Weaknesses CWE-338
References
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Cloudreve Cloudreve
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-04T03:21:18.970Z

Reserved: 2026-02-05T16:48:00.426Z

Link: CVE-2026-25726

cve-icon Vulnrichment

Updated: 2026-04-04T03:21:15.441Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-03T20:16:02.263

Modified: 2026-04-13T18:31:43.283

Link: CVE-2026-25726

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-14T16:41:48Z

Weaknesses