S4E

CVE-2025-11750 Scanner

CVE-2025-11750 Scanner - User Enumeration vulnerability in Dify

Short Info

Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 18 days 7 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox

Dify is used to manage and streamline various processes within an organization. Businesses use it to enhance workflows and optimize operations. Often deployed as a web-based application, it is accessible through various platforms by employees and management alike. Dify integrates with numerous business applications, providing a central hub for operational efficiency. Companies rely on it for user management and secure data handling. It is widely used due to its comprehensive features and easy-to-use interface.

User enumeration is a security weakness that allows attackers to distinguish valid usernames from invalid ones. In Dify, this vulnerability arises because the login API returns different error messages depending on whether the submitted account exists. An attacker can exploit this by submitting a series of email addresses and observing which response each one produces. Identifying valid accounts is typically the first step in launching more sophisticated attacks, and such vulnerabilities can lead to unauthorized access attempts. Returning the same error message regardless of whether the account exists mitigates this risk.

User enumeration in Dify is located in the login functionality. The issue is triggered when an attacker submits a non-existent email during the login process. The application responds with a distinct error message, such as "account_not_found," which reveals that no account exists under the email provided. Attackers leverage this information by systematically testing multiple email addresses. The vulnerable endpoint is "/console/api/login", and the vulnerable parameter is the "email" field. Ensuring that the endpoint returns a consistent error response for unknown accounts and wrong passwords alike prevents this issue.
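As an added illustration (not Dify's own code), the following shows a login handler in the leaky shape described above beside a hardened one that returns a uniform response, plus a self-test a developer can run against either handler to confirm whether an unknown email and a wrong password are distinguishable. The "invalid_password" code, the PBKDF2 password scheme and the sample account are assumptions.

```python
import hmac
import hashlib
import secrets

# Constructed in-memory user store standing in for the application's account table
# (assumption: the real password scheme differs; PBKDF2 here is illustrative only).
_SALT = b"constructed-demo-salt"
_USERS = {
    "alice@example.com": hashlib.pbkdf2_hmac("sha256", b"correct horse", _SALT, 100_000),
}
# Dummy hash so an unknown email costs the same verification work as a known one.
_DUMMY_HASH = hashlib.pbkdf2_hmac("sha256", secrets.token_bytes(16), _SALT, 100_000)


def _verify(email, password):
    """Check credentials with a constant-time compare, always doing the hash work."""
    stored = _USERS.get(email, _DUMMY_HASH)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)
    return email in _USERS and hmac.compare_digest(stored, candidate)


def leaky_login(email, password):
    """Handler shaped like the reported behaviour: a distinct code for unknown accounts.
    The 'invalid_password' code for a wrong password is an assumption used for contrast."""
    if email not in _USERS:
        return {"code": "account_not_found"}, 400
    if not _verify(email, password):
        return {"code": "invalid_password"}, 400
    return {"result": "success"}, 200


def uniform_login(email, password):
    """Hardened handler: one response for an unknown email and a wrong password alike."""
    if _verify(email, password):
        return {"result": "success"}, 200
    return {"code": "invalid_email_or_password"}, 401


def leaks_account_existence(login, known_email, unknown_email):
    """Self-test for a login handler: True if a wrong-password attempt on a known
    account and an attempt on an unknown account differ in body or status code."""
    wrong = "definitely-not-the-password"
    return login(known_email, wrong) != login(unknown_email, wrong)
```

The self-test compares whole responses, so it also catches handlers that return the same body with a different status code.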

Exploiting the user enumeration vulnerability in Dify can have several impacts. Attackers can compile lists of valid user accounts, increasing the risk of targeted attacks such as password guessing or phishing. Combined with credentials exposed in password breaches, this information can facilitate unauthorized access. Identified accounts may become targets for social engineering attacks. The overall security posture of the affected system can be compromised, leading to potential data breaches. A notable increase in system activity can also result from brute-force attempts against the valid accounts that were identified.
