{"id":71861,"date":"2025-10-17T07:46:06","date_gmt":"2025-10-17T04:16:06","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-11899-flowring-technology%ef%bd%9cagentflow-use-of-hard-coded-cryptographic-key\/"},"modified":"2025-10-17T07:46:06","modified_gmt":"2025-10-17T04:16:06","slug":"cve-2025-11899-flowring-technology%ef%bd%9cagentflow-use-of-hard-coded-cryptographic-key","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-11899-flowring-technology%ef%bd%9cagentflow-use-of-hard-coded-cryptographic-key\/","title":{"rendered":"CVE-2025-11899 &#8211; Flowring Technology\uff5cAgentflow &#8211; Use of Hard-coded Cryptographic Key"},"content":{"rendered":"<p>CVE ID : CVE-2025-11899<\/p>\n<p>Published :  Oct. 17, 2025, 4:16 a.m. | 24\u00a0minutes ago<\/p>\n<p>Description : Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit this vulnerability.<\/p>\n<p>Severity: 9.2 | CRITICAL<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-11899 Published : Oct. 17, 2025, 4:16 a.m. | 24\u00a0minutes ago Description : Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-71861","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/71861","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=71861"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/71861\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=71861"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=71861"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=71861"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}