Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

UBUNTU-CVE-2025-44203

0
High
Published: 06/20/2025 (06/20/2025, 16:15:00 UTC)
Source: GCVE Database
Product: hoteldruid

Description

HotelDruid versions 3.0.0 and 3.0.7 contain a race condition vulnerability in the unauthenticated database setup endpoint creadb.php. This endpoint can be accessed before setup completion and allows concurrent requests to trigger verbose SQL error messages that disclose administrator credentials. The race condition also causes partial setup initialization, preventing administrator login and resulting in a denial of service requiring reinstallation. Remote exploitation requires the installation to permit non-localhost access. The issue was fixed in version 3.0.8.

CVSS v3.1

Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected software

Ubuntu:16.04:LTSmore threats →ghsa
hoteldruid
pkg:deb/ubuntu/[email protected]?arch=source&distro=xenial
Affected versions
=2.1.0-1=2.1.3-1=2.1.4-1=2.1.4-1ubuntu1=2.1.4-1ubuntu2
Ubuntu:18.04:LTSmore threats →ghsa
hoteldruid
pkg:deb/ubuntu/[email protected]?arch=source&distro=bionic
Affected versions
=2.2.1-1=2.2.2-1
Ubuntu:20.04:LTSmore threats →ghsa
hoteldruid
pkg:deb/ubuntu/[email protected]?arch=source&distro=focal
Affected versions
=2.3.2-1=3.0.0-1=3.0.1-1
Ubuntu:22.04:LTSmore threats →ghsa
hoteldruid
pkg:deb/ubuntu/[email protected]?arch=source&distro=jammy
Affected versions
=3.0.1-1=3.0.3-1
Ubuntu:24.04:LTSmore threats →ghsa
hoteldruid
pkg:deb/ubuntu/[email protected]?arch=source&distro=noble
Affected versions
=3.0.5-1=3.0.6-1
Ubuntu:25.10more threats →ghsa
hoteldruid
pkg:deb/ubuntu/[email protected]?arch=source&distro=questing
Affected versions
=3.0.6-1

Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/16/2026, 14:16:12 UTC

Technical Analysis

In HotelDruid 3.0.0 and 3.0.7, the unauthenticated endpoint creadb.php used during database setup can be accessed before setup completion. By sending many concurrent requests, an attacker can trigger a race condition that causes verbose SQL error messages to leak the administrator username, password hash, and salt. Additionally, the race condition leaves the setup partially initialized, causing a denial of service by preventing administrator login with the installation credentials. Remote exploitation requires that the installation allows access from non-localhost sources. This vulnerability was fixed in version 3.0.8.

Potential Impact

The vulnerability allows an unauthenticated attacker to obtain sensitive administrator credentials through SQL error message disclosure. It also causes a denial of service by corrupting the setup state, preventing administrator login and requiring reinstallation to recover. Remote exploitation is limited to installations allowing non-localhost access. There are no known exploits in the wild.

Mitigation Recommendations

Upgrade HotelDruid to version 3.0.8 or later, where this vulnerability is fixed. Until then, restrict access to the setup endpoint to localhost only and avoid exposing the setup interface remotely. Patch status is confirmed fixed in 3.0.8.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Gcve Source
db.gcve.eu
Osv Id
UBUNTU-CVE-2025-44203
Osv Schema Version
1.7.0
Aliases
[]
Ecosystems
["Ubuntu:16.04:LTS","Ubuntu:18.04:LTS","Ubuntu:20.04:LTS","Ubuntu:22.04:LTS","Ubuntu:24.04:LTS","Ubuntu:25.10"]
Database Specific Severity
null
Cvss Version
3.1

Threat ID: 6a58b50768715ace43db2961

Added to database: 07/16/2026, 10:40:07 UTC

Last enriched: 07/16/2026, 14:16:12 UTC

Last updated: 07/16/2026, 14:16:12 UTC

Views: 2

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses