CRITICAL🇵🇱 Wersja polska

CVE-2025-59827

CVSS 9.8v3.1pub. 2025-09-24upd. 2025-10-08

Flag Forge is a Capture The Flag (CTF) platform. In version 2.1.0, the /api/admin/assign-badge endpoint lacks proper access control, allowing any authenticated user to assign high-privilege badges (e.g., Staff) to themselves. This could lead to privilege escalation and impersonation of administrative roles. This issue has been patched in version 2.2.0.

🤖 AI Analysis
How it works

The endpoint /api/admin/assign-badge intended for administrative badge assignment does not implement proper access control (CWE-862 — Missing Authorization). Any authenticated user can send a request to this endpoint and independently assign themselves a high-privilege badge, such as Staff. No administrative role or additional server-side identity verification is required.

Impact

An attacker with any user account can obtain administrative privileges (privilege escalation) and impersonate a Staff role or other privileged role on the platform, which could lead to complete takeover of the CTF system.

Mitigation & patch

Flag Forge should be updated to version 2.2.0, in which the vulnerability was patched by the vendor.

Who is affected

Flag Forge version 2.1.0

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Flagforge

    APP
    Flagforge
    2.1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2025-61777CRITICAL9.4PL ✓ten sam produkt

Flagforge: brak uwierzytelnienia w endpointach szablonów odznak

CVE-2025-59841CRITICAL9.8PL ✓ten sam produkt

FlagForge: nieprawidłowe unieważnianie sesji po wylogowaniu

CVE-2026-21868HIGH7.5ten sam produkt

Flag Forge is a Capture The Flag (CTF) platform. Versions 2.3.2 and below have a Regular Expression Denial of ...

CVE-2025-59932HIGH8.6ten sam produkt

Flag Forge is a Capture The Flag (CTF) platform. From versions 2.0.0 to before 2.3.1, the /api/resources endpo...

CVE-2025-59833HIGH7.5ten sam produkt

Flag Forge is a Capture The Flag (CTF) platform. In versions from 2.1.0 to before 2.3.0, the API endpoint GET ...