Cyber Resilience

CVE-2025-61777

Critical

Published: 06 October 2025
Modified: 30 October 2025
KEV Added: not listed
Patch: fixed in FlagForge v2.3.2
CVSS Score v3.1: 9.4 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L)
EPSS Score: 0.0002 (7.2nd percentile)
Risk Priority: 19 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-61777 is a critical-severity Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) vulnerability in the FlagForge CTF platform (vendor Flagforge, product flagforge). Its CVSS base score is 9.4 (Critical).

Operationally, its EPSS score places it at the 7.2nd percentile for exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

Vulnerability details

Flag Forge is a Capture The Flag (CTF) platform. Starting in version 2.0.0 and prior to version 2.3.2, the `/api/admin/badge-templates` (GET) and `/api/admin/badge-templates/create` (POST) endpoints allowed access without authentication or authorization. An unauthenticated user could therefore retrieve all badge templates together with their sensitive metadata (createdBy, createdAt, updatedAt) and/or create arbitrary badge templates in the database, leading to data exposure, database pollution, or abuse of the badge system. The issue has been fixed in FlagForge v2.3.2: the GET, POST, UPDATE, and DELETE endpoints now require authentication, and authorization checks ensure only admins can access and modify badge templates. No reliable workarounds are available.
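The defect above is a route handler that never checks who is calling. The following is an added illustration, not FlagForge's own code: it shows that pre-2.3.2 shape for the `/api/admin/badge-templates` endpoints beside a hardened version that performs the two checks the fix describes (authentication, then an admin-role authorization check). The bearer-token session store, the user records and the template table are constructed stand-ins.

```javascript
// Added example (not FlagForge's own code): the missing-authorization shape of the
// /api/admin/badge-templates handlers beside a hardened version that requires an
// authenticated admin. Session store, users and templates are constructed stand-ins.
const SESSIONS = {                       // constructed: bearer token -> session
  "tok-admin": { userId: 1, role: "admin" },
  "tok-user":  { userId: 2, role: "user" },
};
const BADGE_TEMPLATES = [                // constructed: the table the endpoints expose
  { id: 1, name: "First Blood", createdBy: 1,
    createdAt: "2025-01-01T00:00:00Z", updatedAt: "2025-01-01T00:00:00Z" },
];

// Pre-2.3.2 shape: the handler never looks at who is calling, so anyone can list
// every template together with its createdBy/createdAt/updatedAt metadata.
function listBadgeTemplatesVulnerable(req) {
  return { status: 200, body: BADGE_TEMPLATES };
}

// Resolve the caller from an Authorization: Bearer header; null when unauthenticated.
function authenticate(req) {
  const [scheme, token] = (req.headers.authorization || "").split(" ");
  return scheme === "Bearer" && token ? SESSIONS[token] || null : null;
}

// Guard applied to every /api/admin/* handler: authentication first (401), then the
// admin-role authorization check (403). Returns null when the caller may proceed.
function requireAdmin(req) {
  const session = authenticate(req);
  if (!session) return { status: 401, body: { error: "authentication required" } };
  if (session.role !== "admin") return { status: 403, body: { error: "admin role required" } };
  return null;
}

// Hardened GET /api/admin/badge-templates
function listBadgeTemplates(req) {
  return requireAdmin(req) || { status: 200, body: BADGE_TEMPLATES };
}
// Hardened POST /api/admin/badge-templates/create: the same guard, plus input
// validation so the table cannot be polluted with empty templates either.
function createBadgeTemplate(req) {
  const denied = requireAdmin(req);
  if (denied) return denied;
  const name = typeof (req.body || {}).name === "string" ? req.body.name.trim() : "";
  if (!name) return { status: 400, body: { error: "name is required" } };
  const now = new Date().toISOString();
  const tpl = { id: BADGE_TEMPLATES.length + 1, name, createdBy: authenticate(req).userId,
                createdAt: now, updatedAt: now };
  BADGE_TEMPLATES.push(tpl);
  return { status: 201, body: tpl };
}
```

The point to verify in a real code base is that the guard runs on every admin route (including UPDATE and DELETE), not only on the two endpoints named in the advisory.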

CWE(s)

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: flagforge
Product: flagforge
Versions: 2.0 to 2.3.2 (fixed in v2.3.2)

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Session auditing enables detection of unauthorized exposure or access to sensitive information during user activities.

Architectures explicitly define requirements and mechanisms for access control to protect confidentiality, integrity, and availability.

Inventory identifies all systems holding or processing data, enabling detection of unauthorized exposure paths before exploitation.

A CIKR protection plan that explicitly addresses information security requires defining and enforcing access control policies on critical systems and resources.

Risk assessment explicitly identifies threats from unauthorized access and drives decisions to implement or strengthen access control mechanisms.

This control directly requires mechanisms to restrict public users from unauthorized actions on system resources.

This control directly enforces access control by prohibiting unauthorized remote activation of cameras, microphones, and similar devices.

Decoys supply misleading data and log access attempts, directly detecting and deflecting unauthorized information exposure.