Description
In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang.RandomStringUtils, which uses java.util.Random internally. This PRNG has a 48-bit seed that can easily be bruteforced, leading to trivial privilege escalation attacks.
Remediation
References
https://github.com/airsonic/airsonic/commit/61c842923a6d60d4aedd126445a8437b53b752c8
Related Vulnerabilities
CVE-2021-42550 Vulnerability in maven package ch.qos.logback:logback-core
CVE-2023-26119 Vulnerability in maven package net.sourceforge.htmlunit:htmlunit
CVE-2021-42567 Vulnerability in maven package org.apereo.cas:cas-server-core-services
CVE-2021-22137 Vulnerability in maven package org.elasticsearch:elasticsearch
CVE-2020-26870 Vulnerability in maven package org.webjars.bowergithub.cure53:dompurify