Cyber Resilience

CVE-2025-2220

Medium · Public PoC

Published: 12 March 2025

Modified: 25 March 2025
KEV Added
Patch
CVSS Score v4: 4.8 (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0004 (14.0th percentile)
Risk Priority: 10 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-2220 is a medium-severity vulnerability of an unspecified weakness class in Odysseyautomation Odyssey CMS. Its CVSS base score is 4.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Credentials In Files (T1552.001). The CVE ranks at the 14.0th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-12 (Cryptographic Key Establishment and Management) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-2220 is a key management error vulnerability affecting Odyssey CMS versions up to 10.34. The issue resides in an unknown function within the file /modules/odyssey_contact_form/odyssey_contact_form.php, specifically the reCAPTCHA Handler component. Manipulation of the g-recaptcha-response argument triggers the flaw, classified under CWE-320 with a CVSS v3.1 base score of 3.3 (AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N), indicating low severity primarily due to limited confidentiality impact.

A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation allows limited access to confidential information, such as the reCAPTCHA secret key, but does not impact integrity or availability.

Advisories from VulDB and a GitHub disclosure note that the exploit has been publicly released and may be actively used. The vendor was contacted early but provided no response, and no patches or mitigations are mentioned in available references. Security practitioners should review Odyssey CMS installations for hardcoded reCAPTCHA keys in the affected file and consider upgrading or implementing custom protections if feasible.

EU & UK References

Vulnerability details

A vulnerability was found in Odyssey CMS up to 10.34. It has been classified as problematic. Affected is an unknown function of the file /modules/odyssey_contact_form/odyssey_contact_form.php of the component reCAPTCHA Handler. The manipulation of the argument g-recaptcha-response leads to key management error. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1552.001 Credentials In Files (Credential Access)
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.

T1600.001 Reduce Key Space (Defense Impairment)
Adversaries may reduce the level of effort required to decrypt data transmitted over the network by reducing the cipher strength of encrypted communications.

Why these techniques?

A hardcoded reCAPTCHA secret key in a PHP file enables discovery of unsecured credentials in files (T1552.001) and weakens encryption via poor key management/reduced key space (T1600.001).

CVEs Like This One

CVE-2025-11609 (Shared CWE-320)
CVE-2026-6580 (Shared CWE-320)

Affected Assets

Vendor: odysseyautomation
Product: odyssey cms
Versions: ≤ 10.34

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Validates the g-recaptcha-response input parameter to prevent manipulation that triggers the key management error.

prevent

Establishes secure cryptographic key management practices to protect the reCAPTCHA secret key from exposure due to key management errors.

prevent

Requires timely remediation of the specific flaw in the Odyssey CMS reCAPTCHA handler to eliminate the vulnerability.

References