CVE-2025-2322

Medium · Public PoC

Published: 15 March 2025
Modified: 24 October 2025
KEV Added
Patch
CVSS Score v4: 6.9, vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0009 (26.0th percentile)
Risk Priority: 14 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-2322 is a medium-severity Use of Hard-coded Password (CWE-259) vulnerability in 274056675 Springboot-Openai-Chatgpt. Its CVSS base score is 6.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Valid Accounts (T1078). The CVE ranks at the 26.0th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

This vulnerability is AI-related: it is categorised under LLM Application Platforms, in the Privacy and Disclosure risk domain.

The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and RA-5 (Vulnerability Monitoring and Scanning).

Deeper analysis

CVE-2025-2322 is a critical vulnerability involving hard-coded credentials in the springboot-openai-chatgpt application at commit e84f6f5 from repository owner 274056675. It affects an unknown part of the file /chatgpt-boot/src/main/java/org/springblade/modules/mjkj/controller/OpenController.java. Classified under CWE-259 and CWE-798, the issue has a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). The product lacks versioning, so details on affected and unaffected releases are unavailable.

The vulnerability enables remote exploitation without authentication or user interaction. Attackers can manipulate the affected component to access hard-coded credentials, potentially leading to low-level impacts on confidentiality, integrity, and availability.

Advisories from VulDB (ctiid.299751, id.299751, submit.505694) and a related cnblogs post document the issue, noting that the exploit has been publicly disclosed and may be actively used. The vendor was contacted early but provided no response, and no patches or mitigations are specified.

The flaw sits in a Spring Boot integration with OpenAI's ChatGPT, which gives it AI/ML relevance because the application handles chat functionality. The public availability of an exploit increases real-world risk.

Vulnerability details

A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5. It has been classified as critical. This affects an unknown part of the file /chatgpt-boot/src/main/java/org/springblade/modules/mjkj/controller/OpenController.java. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases is unavailable. The vendor was contacted early about this disclosure but did not respond in any way.

AI Security Analysis

AI Category: LLM Application Platforms
Risk Domain: Privacy and Disclosure
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: chatgpt, openai

Related Threats

MITRE ATT&CK Enterprise Techniques

T1078 Valid Accounts (Stealth): Adversaries may obtain and abuse credentials of existing accounts as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
T1078.001 Default Accounts (Stealth): Adversaries may obtain and abuse credentials of a default account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
T1078.003 Local Accounts (Stealth): Adversaries may obtain and abuse credentials of a local account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
T1552.001 Credentials In Files (Credential Access): Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
Why these techniques?

Hard-coded administrator credentials in the web application controller enable authentication with valid default or local accounts (T1078, T1078.001, T1078.003) and provide unsecured credentials stored in files (T1552.001).

CVEs Like This One

CVE-2025-2320: Same product: 274056675 Springboot-Openai-Chatgpt
CVE-2025-2334: Same product: 274056675 Springboot-Openai-Chatgpt
CVE-2026-4475: Shared CWE-259, CWE-798
CVE-2025-8730: Shared CWE-259, CWE-798
CVE-2025-8974: Shared CWE-259, CWE-798
CVE-2026-8032: Shared CWE-259, CWE-798
CVE-2025-2343: Shared CWE-259, CWE-798
CVE-2026-36538: Shared CWE-798
CVE-2026-7579: Shared CWE-259, CWE-798
CVE-2026-6574: Shared CWE-259, CWE-798

Affected Assets

274056675
springboot-openai-chatgpt
2024-12-29

Mitigating Controls (NIST 800-53 r5)

Prevent: SI-2 mandates timely identification, reporting, and remediation of software flaws like hard-coded credentials, directly preventing exploitation of CVE-2025-2322.

Prevent: IA-5 requires proper management and protection of authenticators, prohibiting hard-coded credentials in application code such as OpenController.java.

Detect: RA-5 requires vulnerability scanning that can identify hard-coded credential vulnerabilities like CVE-2025-2322 in deployed Spring Boot applications.
