CVE-2025-24369

LOW Year: 2025
Weakness Type
CWE-807
View all →

Vulnerability Description

Anubis is a tool that allows administrators to protect bots against AI scrapers through bot-checking heuristics and a proof-of-work challenge to discourage scraping from multiple IP addresses. Anubis allows attackers to bypass the bot protection by requesting a challenge, formulates any nonce (such as 42069), and then passes the challenge with difficulty zero. Commit e09d0226a628f04b1d80fd83bee777894a45cd02 fixes this behavior by not using a client-specified difficulty value.

Related Vulnerabilities

CVE-2025-1126

CRITICAL
CVSS:9.3(Critical)

A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client.

CWE-8072025

CVE-2024-29039

CRITICAL
CVSS:9.0(Critical)

tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR in...

CWE-8072024

CVE-2021-31999

HIGH
CVSS:8.8(High)

A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as others users in the cluster by forging the "Impersonate-User" or "Impersonate-Group...

CWE-8072021

CVE-2021-36777

HIGH
CVSS:8.8(High)

A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with a expected login form that then sends the c...

CWE-8072021

CVE-2024-55354

HIGH
CVSS:8.8(High)

Lucee before 5.4.7.3 LTS and 6 before 6.1.1.118, when an attacker can place files on the server, is vulnerable to a protection mechanism failure that can let an attacker run code that would be expecte...

CWE-8072024

CVE-2023-0009

HIGH
CVSS:7.8(High)

A local privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows enables a local user to execute programs with elevated privileges.

CWE-8072023