CVE-2025-6180— Authentication Hijack

EPSS 0.01% · P2 Updated Aug 22, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-6180

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Authentication Hijack

Source: NVD (National Vulnerability Database)

Vulnerability Description

The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit this to intercept and reuse the token, potentially redeeming valid authentication credentials through a race condition.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

敏感数据的明文传输

Source: NVD (National Vulnerability Database)

Vulnerability Title

StrongDM Client 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

StrongDM Client是StrongDM公司的一个客户端软件。 StrongDM Client存在安全漏洞，该漏洞源于预认证令牌保护不足，可能导致拦截和重用令牌。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
StrongDM	sdm-cli	0 ~ 47.96.0	-

II. Public POCs for CVE-2025-6180

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-6180

请登录查看更多情报信息。

Same Patch Batch · StrongDM · 2025-08-20 · 4 CVEs total

CVE-2025-6183		Configd Injection
CVE-2025-6181		StrongDM Client 安全漏洞
CVE-2025-6182		Root Certificate Injection

IV. Related Vulnerabilities

Same product: sdm-cli

Same vendor: StrongDM

Same weakness: CWE-319

V. Comments for CVE-2025-6180

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-6180— Authentication Hijack

I. Basic Information for CVE-2025-6180

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-6180

III. Intelligence Information for CVE-2025-6180

Same Patch Batch · StrongDM · 2025-08-20 · 4 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-6180

Leave a comment