CVE-2025-30206
Published 2025-04-15
Priority P2 | 63 | critical 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.72% (49.3rd percentile)
Dpanel is a Docker visualization panel system which provides complete Docker management functions. The Dpanel service contains a hardcoded JWT secret in its default configuration, allowing attackers to generate valid JWT tokens and compromise the host machine. This security flaw allows attackers to analyze the source code, discover the embedded secret, and craft legitimate JWT tokens. By forging these tokens, an attacker can successfully bypass authentication mechanisms, impersonate privileged users, and gain unauthorized administrative access. Consequently, this enables full control over the host machine, potentially leading to severe consequences such as sensitive data exposure, unauthorized command execution, privilege escalation, or further lateral movement within the network environment. This issue is patched in version 1.6.1. A workaround for this vulnerability is to replace the hardcoded secret with a securely generated value and load it from secure configuration storage.
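The workaround above amounts to three controls: the secret is read from configuration rather than source, the process refuses to start with a missing, short or shipped-default value, and token verification pins the algorithm and compares signatures in constant time. The Go program below is an added example written for this page; it is not Dpanel's code. The environment variable name `DPANEL_JWT_SECRET`, the placeholder string `CHANGE-ME-DEFAULT-SECRET` (standing in for whatever default a project shipped; the real value is not reproduced) and the 32-byte minimum are assumptions of the example. It signs a token only so that the verifier can be exercised offline, and shows that a token minted under the old default is rejected once a fresh secret is in place.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"os"
	"strings"
)

// Environment variable the secret is read from (an assumption of this example).
const secretEnvVar = "DPANEL_JWT_SECRET"

// Minimum accepted secret length; 32 bytes matches the HMAC-SHA256 output size.
const minSecretBytes = 32

// Constructed placeholder for a shipped default secret (the real value is
// deliberately not reproduced). Anything in this set is refused at startup.
var knownDefaultSecrets = map[string]bool{"CHANGE-ME-DEFAULT-SECRET": true}

// ValidateSecret applies the startup policy: present, not a known default,
// and long enough to resist guessing.
func ValidateSecret(raw string) ([]byte, error) {
	switch {
	case raw == "":
		return nil, errors.New("jwt secret not configured")
	case knownDefaultSecrets[raw]:
		return nil, errors.New("jwt secret is a shipped default; generate a fresh one")
	case len(raw) < minSecretBytes:
		return nil, fmt.Errorf("jwt secret too short: %d bytes, need at least %d", len(raw), minSecretBytes)
	}
	return []byte(raw), nil
}

// LoadJWTSecret reads the secret from the environment instead of source code.
func LoadJWTSecret() ([]byte, error) { return ValidateSecret(os.Getenv(secretEnvVar)) }

// GenerateSecret returns 32 random bytes from crypto/rand as 64 hex characters.
func GenerateSecret() (string, error) {
	b := make([]byte, minSecretBytes)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return hex.EncodeToString(b), nil
}

func b64(b []byte) string { return base64.RawURLEncoding.EncodeToString(b) }

// SignHS256 builds a minimal HS256 JWT so the verifier can be tested without a
// third-party library.
func SignHS256(claims map[string]interface{}, secret []byte) (string, error) {
	payload, err := json.Marshal(claims)
	if err != nil {
		return "", err
	}
	signingInput := b64([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + b64(payload)
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(signingInput))
	return signingInput + "." + b64(mac.Sum(nil)), nil
}

// VerifyHS256 checks a token against the configured secret. The algorithm is
// pinned to HS256 (so "none" headers are rejected) and the signature is
// compared in constant time before the payload is trusted.
func VerifyHS256(token string, secret []byte) (map[string]interface{}, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("malformed token")
	}
	hdrJSON, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil {
		return nil, errors.New("bad header encoding")
	}
	var hdr struct {
		Alg string `json:"alg"`
	}
	if err := json.Unmarshal(hdrJSON, &hdr); err != nil || hdr.Alg != "HS256" {
		return nil, errors.New("unsupported or missing alg")
	}
	sig, err := base64.RawURLEncoding.DecodeString(parts[2])
	if err != nil {
		return nil, errors.New("bad signature encoding")
	}
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	if !hmac.Equal(sig, mac.Sum(nil)) {
		return nil, errors.New("signature mismatch")
	}
	payload, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil {
		return nil, errors.New("bad payload encoding")
	}
	var claims map[string]interface{}
	if err := json.Unmarshal(payload, &claims); err != nil {
		return nil, errors.New("bad payload")
	}
	return claims, nil
}

func main() {
	secret, err := LoadJWTSecret()
	if err != nil {
		fresh, _ := GenerateSecret()
		fmt.Fprintf(os.Stderr, "refusing to start: %v\nexample: export %s=%s\n", err, secretEnvVar, fresh)
		os.Exit(1)
	}
	tok, _ := SignHS256(map[string]interface{}{"userId": 1}, secret)
	claims, err := VerifyHS256(tok, secret)
	fmt.Println(claims, err)
}
```

Run it with `DPANEL_JWT_SECRET` unset to see the refusal path and a freshly generated value to put into configuration storage; run it with that value exported to see a token round-trip. Rotating the secret invalidates every token issued under the old one, which is exactly the property a deployment that shipped with a public default needs.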
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| donknap | dpanel | < 1.6.1 | 1.6.1 |
| github.com | donknap_dpanel | >= 0 < 1.6.1 | 1.6.1 |
| nocobase | auth | >= 0 < 1.9.0-beta.18 | 1.9.0-beta.18 |
| nocobase | auth | >= 1.9.0 < 1.9.23 | 1.9.23 |
| nocobase | auth | >= 2.0.0-alpha.1 < 2.0.0-alpha.52 | 2.0.0-alpha.52 |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| ghsa | | 9.8 | CRITICAL | |
| osv | | 9.8 | CRITICAL | |
GHSA
CVE-2025-13877 [CRITICAL] CWE-1320 Authentication Bypass via Default JWT Secret in NocoBase docker-compose Deployments
ghsa·2025-12-09·CVSS 9.8
### Impact
CVE-2025-13877 is an **authentication bypass vulnerability caused by insecure default JWT key usage** in NocoBase Docker deployments.
Because the official one-click Docker deployment configuration historically provided a **public default JWT key**, attackers can **forge valid JWT tokens without possessing any legitimate credentials**. By constructing a token with a known `userId` (commonly the administrator account), an attacker can directly bypass authentication and authorization checks.
Successful exploitation allows an attacker to:
- Bypass authentication entirely
- Impersonate arbitrary users
- Gain full administrator privileges
- Access sensitive business data
- Create, modify, or delet
OSV
CVE-2025-30206 Dpanel's hard-coded JWT secret leads to remote code execution in github.com/donknap/dpanel
osv·2025-04-22
OSV
CVE-2025-30206 [CRITICAL] Dpanel's hard-coded JWT secret leads to remote code execution
osv·2025-04-15
### Summary
The Dpanel service contains a hardcoded JWT secret in its default configuration, allowing attackers to generate valid JWT tokens and compromise the host machine.
### Details
The Dpanel service, when started with its default configuration, includes a hardcoded JWT secret embedded directly within its source code. This security flaw allows attackers to analyze the source code, discover the embedded secret, and craft legitimate JWT tokens. By forging these tokens, an attacker can successfully bypass authentication mechanisms, impersonate privileged users, and gain unauthorized administrative access. Consequently, this enables full control over the host machine, potentially leading to severe consequences such as sensitive data exposure, unauthorized command execution, privilege escalation, or further lateral movement within the network environment.
GHSA
CVE-2025-30206 [CRITICAL] CWE-321 Dpanel's hard-coded JWT secret leads to remote code execution
ghsa·2025-04-15
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.