Critical Hardcoded Credentials in SpringBoot-OpenAI-ChatGPT OpenController
CVE-2025-2322 Published on March 15, 2025
274056675 springboot-openai-chatgpt OpenController.java hard-coded credentials
A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5. It has been classified as critical. This affects an unknown part of the file /chatgpt-boot/src/main/java/org/springblade/modules/mjkj/controller/OpenController.java. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The vendor was contacted early about this disclosure but did not respond in any way.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Types
Use of Hard-coded Credentials
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Use of Hard-coded Password
The software contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
Affected Versions
274056675 springboot-openai-chatgpt Version e84f6f5 is affected by CVE-2025-2322Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.