CWE-330
DiscouragedUse of Insufficiently Random Values
Abstraction: Class · Status: Stable
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
445 vulnerabilities reference this CWE, most recent first.
GHSA-HF8H-GVQ7-6GFR
Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)
{
"affected": [],
"aliases": [
"CVE-2020-35685"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-08-19T12:15:00Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)",
"id": "GHSA-hf8h-gvq7-6gfr",
"modified": "2022-05-24T19:11:41Z",
"published": "2022-05-24T19:11:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35685"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-789208.pdf"
},
{
"type": "WEB",
"url": "https://www.forescout.com/blog/new-critical-operational-technology-vulnerabilities-found-on-nichestack"
},
{
"type": "WEB",
"url": "https://www.hcc-embedded.com"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/608209"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-HG3W-24RP-MF42
Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2022-05-24 17:35A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorized users to login.
{
"affected": [],
"aliases": [
"CVE-2020-7548"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-01T15:15:00Z",
"severity": "CRITICAL"
},
"details": "A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorized users to login.",
"id": "GHSA-hg3w-24rp-mf42",
"modified": "2022-05-24T17:35:21Z",
"published": "2022-05-24T17:35:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7548"
},
{
"type": "WEB",
"url": "https://www.se.com/ww/en/download/document/SEVD-2020-287-03"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-HG4Q-QFFW-JQG4
Vulnerability from github – Published: 2022-05-17 05:53 – Updated: 2024-02-09 03:32Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack.
{
"affected": [],
"aliases": [
"CVE-2008-4905"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-11-04T00:58:00Z",
"severity": "MODERATE"
},
"details": "Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack.",
"id": "GHSA-hg4q-qffw-jqg4",
"modified": "2024-02-09T03:32:53Z",
"published": "2022-05-17T05:53:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4905"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32272"
},
{
"type": "WEB",
"url": "http://securityreason.com/securityalert/4550"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/497970"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HHPH-6QVJ-8859
Vulnerability from github – Published: 2022-09-02 00:01 – Updated: 2025-08-22 21:31In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
{
"affected": [],
"aliases": [
"CVE-2022-1615"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-09-01T21:15:00Z",
"severity": "MODERATE"
},
"details": "In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.",
"id": "GHSA-hhph-6qvj-8859",
"modified": "2025-08-22T21:31:12Z",
"published": "2022-09-02T00:01:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1615"
},
{
"type": "WEB",
"url": "https://bugzilla.samba.org/show_bug.cgi?id=15103"
},
{
"type": "WEB",
"url": "https://gitlab.com/samba-team/samba/-/merge_requests/2644"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTTOLTHUHOV4SHCHCB5TAA4FQVJAWN4P"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTTOLTHUHOV4SHCHCB5TAA4FQVJAWN4P"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202309-06"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HHR2-4CVP-F289
Vulnerability from github – Published: 2024-12-18 06:30 – Updated: 2024-12-18 06:30The WPC Shop as a Customer for WooCommerce plugin for WordPress is vulnerable to account takeover and privilege escalation in all versions up to, and including, 1.2.8. This is due to the 'generate_key' function not producing a sufficiently random value. This makes it possible for authenticated attackers, with Subscriber-level access and above, to log in as site administrators, granted they have triggered the ajax_login() function which generates a unique key that can be used to log in.
{
"affected": [],
"aliases": [
"CVE-2024-12432"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-18T04:15:07Z",
"severity": "HIGH"
},
"details": "The WPC Shop as a Customer for WooCommerce plugin for WordPress is vulnerable to account takeover and privilege escalation in all versions up to, and including, 1.2.8. This is due to the \u0027generate_key\u0027 function not producing a sufficiently random value. This makes it possible for authenticated attackers, with Subscriber-level access and above, to log in as site administrators, granted they have triggered the ajax_login() function which generates a unique key that can be used to log in.",
"id": "GHSA-hhr2-4cvp-f289",
"modified": "2024-12-18T06:30:49Z",
"published": "2024-12-18T06:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12432"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3208130%40wpc-shop-as-customer\u0026new=3208130%40wpc-shop-as-customer\u0026sfp_email=\u0026sfph_mail="
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/048625e8-10b7-418d-a13b-329f1d7e0171?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HJ52-CV6C-G64Q
Vulnerability from github – Published: 2022-05-13 01:19 – Updated: 2025-05-06 18:30The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring.
{
"affected": [],
"aliases": [
"CVE-2018-18602"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-12-31T16:29:00Z",
"severity": "CRITICAL"
},
"details": "The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring.",
"id": "GHSA-hj52-cv6c-g64q",
"modified": "2025-05-06T18:30:26Z",
"published": "2022-05-13T01:19:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18602"
},
{
"type": "WEB",
"url": "https://labs.bitdefender.com/2018/12/iot-report-major-flaws-in-guardzilla-cameras-allow-remote-hijack-of-the-security-device"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HQ3V-RG6F-6HX4
Vulnerability from github – Published: 2021-09-01 18:35 – Updated: 2021-08-30 20:28yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "yiisoft/yii2-dev"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.43"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-3689"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": true,
"github_reviewed_at": "2021-08-30T20:28:40Z",
"nvd_published_at": "2021-08-10T11:15:00Z",
"severity": "HIGH"
},
"details": "yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator",
"id": "GHSA-hq3v-rg6f-6hx4",
"modified": "2021-08-30T20:28:40Z",
"published": "2021-09-01T18:35:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3689"
},
{
"type": "WEB",
"url": "https://github.com/yiisoft/yii2/commit/13f27e4d920a05d53236139e8b07007acd046a46"
},
{
"type": "PACKAGE",
"url": "https://github.com/yiisoft/yii2"
},
{
"type": "WEB",
"url": "https://huntr.dev/bounties/50aad1d4-eb00-4573-b8a4-dbe38e2c229f"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Use of Insufficiently Random Values in yiisoft/yii2-dev"
}
GHSA-HV93-R4J3-Q65F
Vulnerability from github – Published: 2026-02-17 16:43 – Updated: 2026-02-17 16:43Summary
The issue is not deterministic session keys by itself. The exploitable path was accepting externally supplied sessionKey values on authenticated hook ingress, allowing a hook token holder to route messages into chosen sessions.
Affected Behavior
POST /hooks/agentaccepted payloadsessionKeyand used it directly for session routing.- Common session-key shapes (for example
agent:main:dm:<peerId>) were often derivable from known metadata, making targeted routing practical when request-level override was enabled.
Attack Preconditions
- Attacker can call hook endpoints with a valid hook token.
- Hook ingress allows request-selected
sessionKeyvalues. - Target session keys can be derived or guessed.
Without those preconditions, deterministic key formats alone do not provide access.
Impact
- Integrity: targeted message/prompt injection into chosen sessions.
- Persistence: poisoned context can affect subsequent turns when the same session key is reused.
- Confidentiality impact is secondary and depends on additional weaknesses.
Affected Versions
openclaw>= 2.0.0-beta3and< 2026.2.12
Patched Versions
openclaw>= 2026.2.12
Fix
OpenClaw now uses secure defaults for hook session routing:
- POST /hooks/agent rejects payload sessionKey unless hooks.allowRequestSessionKey=true.
- Added hooks.defaultSessionKey for fixed ingress routing.
- Added hooks.allowedSessionKeyPrefixes to constrain explicit routing keys.
- Security audit warns on unsafe hook session-routing settings.
Recommended Configuration
{
"hooks": {
"enabled": true,
"token": "${OPENCLAW_HOOKS_TOKEN}",
"defaultSessionKey": "hook:ingress",
"allowRequestSessionKey": false,
"allowedSessionKeyPrefixes": ["hook:"]
}
}
Credit
Thanks @alpernae for responsible reporting.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "openclaw"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.0-beta3"
},
{
"fixed": "2026.2.12"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-330",
"CWE-639"
],
"github_reviewed": true,
"github_reviewed_at": "2026-02-17T16:43:34Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "## Summary\nThe issue is not deterministic session keys by itself. The exploitable path was accepting externally supplied `sessionKey` values on authenticated hook ingress, allowing a hook token holder to route messages into chosen sessions.\n\n## Affected Behavior\n- `POST /hooks/agent` accepted payload `sessionKey` and used it directly for session routing.\n- Common session-key shapes (for example `agent:main:dm:\u003cpeerId\u003e`) were often derivable from known metadata, making targeted routing practical when request-level override was enabled.\n\n## Attack Preconditions\n- Attacker can call hook endpoints with a valid hook token.\n- Hook ingress allows request-selected `sessionKey` values.\n- Target session keys can be derived or guessed.\n\nWithout those preconditions, deterministic key formats alone do not provide access.\n\n## Impact\n- Integrity: targeted message/prompt injection into chosen sessions.\n- Persistence: poisoned context can affect subsequent turns when the same session key is reused.\n- Confidentiality impact is secondary and depends on additional weaknesses.\n\n## Affected Versions\n- `openclaw` `\u003e= 2.0.0-beta3` and `\u003c 2026.2.12`\n\n## Patched Versions\n- `openclaw` `\u003e= 2026.2.12`\n\n## Fix\nOpenClaw now uses secure defaults for hook session routing:\n- `POST /hooks/agent` rejects payload `sessionKey` unless `hooks.allowRequestSessionKey=true`.\n- Added `hooks.defaultSessionKey` for fixed ingress routing.\n- Added `hooks.allowedSessionKeyPrefixes` to constrain explicit routing keys.\n- Security audit warns on unsafe hook session-routing settings.\n\n## Recommended Configuration\n```json\n{\n \"hooks\": {\n \"enabled\": true,\n \"token\": \"${OPENCLAW_HOOKS_TOKEN}\",\n \"defaultSessionKey\": \"hook:ingress\",\n \"allowRequestSessionKey\": false,\n \"allowedSessionKeyPrefixes\": [\"hook:\"]\n }\n}\n```\n\n## Credit\nThanks @alpernae for responsible reporting.",
"id": "GHSA-hv93-r4j3-q65f",
"modified": "2026-02-17T16:43:34Z",
"published": "2026-02-17T16:43:34Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-hv93-r4j3-q65f"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/commit/113ebfd6a23c4beb8a575d48f7482593254506ec"
},
{
"type": "PACKAGE",
"url": "https://github.com/openclaw/openclaw"
},
{
"type": "WEB",
"url": "https://github.com/openclaw/openclaw/releases/tag/v2026.2.12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "OpenClaw Hook Session Key Override Enables Targeted Cross-Session Routing"
}
GHSA-HWCM-7PC9-M9X2
Vulnerability from github – Published: 2023-10-10 18:31 – Updated: 2024-04-04 08:29In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random.
{
"affected": [],
"aliases": [
"CVE-2020-27636"
],
"database_specific": {
"cwe_ids": [
"CWE-330"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-10T17:15:10Z",
"severity": "CRITICAL"
},
"details": "In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random.",
"id": "GHSA-hwcm-7pc9-m9x2",
"modified": "2024-04-04T08:29:49Z",
"published": "2023-10-10T18:31:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27636"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01"
},
{
"type": "WEB",
"url": "https://www.forescout.com"
},
{
"type": "WEB",
"url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HXGM-GWX3-35X7
Vulnerability from github – Published: 2022-03-09 00:00 – Updated: 2022-03-17 00:02A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.29). When returning the result of a completed Microflow execution call the affected framework does not correctly verify, if the request was initially made by the user requesting the result. Together with predictable identifiers for Microflow execution calls, this could allow a malicious attacker to retrieve information about arbitrary Microflow execution calls made by users within the affected system.
{
"affected": [],
"aliases": [
"CVE-2022-26317"
],
"database_specific": {
"cwe_ids": [
"CWE-284",
"CWE-330",
"CWE-668"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-03-08T12:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions \u003c V7.23.29). When returning the result of a completed Microflow execution call the affected framework does not correctly verify, if the request was initially made by the user requesting the result. Together with predictable identifiers for Microflow execution calls, this could allow a malicious attacker to retrieve information about arbitrary Microflow execution calls made by users within the affected system.",
"id": "GHSA-hxgm-gwx3-35x7",
"modified": "2022-03-17T00:02:44Z",
"published": "2022-03-09T00:00:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26317"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-415938.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
- Use a well-vetted algorithm that is currently considered to be strong by experts in the field, and select well-tested implementations with adequate length seeds.
- In general, if a pseudo-random number generator is not advertised as being cryptographically secure, then it is probably a statistical PRNG and should not be used in security-sensitive contexts.
- Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
Mitigation
Consider a PRNG that re-seeds itself as needed from high quality pseudo-random output sources, such as hardware devices.
Mitigation MIT-2
Strategy: Libraries or Frameworks
Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").
CAPEC-112: Brute Force
In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that will unlock the asset.
CAPEC-485: Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
CAPEC-59: Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.