CryptPad Two-Factor Authentication Bypass Vulnerability
Vulnerability
A vulnerability in CryptPad prior to version 2025.3.0 allows for a trivial bypass of Two-Factor Authentication (2FA). This issue arises from a weak implementation of access controls, where 2FA is not enforced if the path parameter is not exactly 44 characters long. An attacker who compromises a user's credentials can access the victim's account, regardless of 2FA being enabled. The vulnerability has been patched in version 2025.3.0.
Impact
Exploitation of this vulnerability allows an attacker to bypass 2FA and gain unauthorized access to a user's account.
Reproduction
To reproduce this vulnerability, log into a CryptPad account with 2FA enabled. Then, send a request to the '/block/' endpoint with a URL-encoded public key that is longer than 44 characters. This will bypass the 2FA enforcement and grant access to the account's encrypted block data.
Remediation
Users should update to CryptPad version 2025.3.0 or later.
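The flaw class described above, enforcement that runs only when the path parameter has the expected length, is shown here next to a fail-closed form. This is an added illustration, not CryptPad's code or its patch; the function names, the sample key, and the assumption that the downstream handler URL-decodes the path segment are hypothetical.

```javascript
// Hypothetical model for illustration; NOT CryptPad's source code.
const KEY_LEN = 44; // base64 length of a 32-byte public key

// Constructed sample data: one account that has 2FA enabled.
const SAMPLE_KEY = 'A'.repeat(43) + '=';
const mfaEnabled = new Set([SAMPLE_KEY]);

// Weak pattern: the 2FA check is gated on the raw segment's length.
// Any other length skips the check and falls through to the handler,
// which (assumed here) decodes the segment before the lookup.
function weakGuard(rawSegment, hasMfaSession) {
  if (rawSegment.length === KEY_LEN &&
      mfaEnabled.has(rawSegment) && !hasMfaSession) {
    return { status: 401 };
  }
  return { status: 200, block: decodeURIComponent(rawSegment) };
}

// Hardened pattern: canonicalize first, validate strictly, then make
// the 2FA decision on the same value the handler will use.
const KEY_RE = /^[A-Za-z0-9+\/]{43}=$/;
function strictGuard(rawSegment, hasMfaSession) {
  let key;
  try {
    key = decodeURIComponent(rawSegment);
  } catch {
    return { status: 400 }; // malformed percent-encoding
  }
  if (!KEY_RE.test(key)) {
    return { status: 400 }; // unexpected shape: reject, never skip
  }
  if (mfaEnabled.has(key) && !hasMfaSession) {
    return { status: 401 };
  }
  return { status: 200, block: key };
}

// Compare both guards on the same input, without a 2FA session.
function compare(rawSegment) {
  return {
    weak: weakGuard(rawSegment, false).status,
    strict: strictGuard(rawSegment, false).status,
  };
}
```

The strict guard treats every input that is not a canonical 44-character key as an error instead of as "no 2FA required", which is the property the weak guard lacks.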
