From 11d460f0b832b5bb58f8bdf4f3df7d41245dff0e Mon Sep 17 00:00:00 2001
From: Julian Speckmann <176780813+KingIronMan2011@users.noreply.github.com>
Date: Wed, 24 Dec 2025 04:05:20 +0100
Subject: [PATCH] fix: use crypto.randomBytes for secure pseudo-random value
 generation

---
 server/modules/axios-ntlm/lib/hash.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/modules/axios-ntlm/lib/hash.js b/server/modules/axios-ntlm/lib/hash.js
index 4addb5f54..4085e92ed 100644
--- a/server/modules/axios-ntlm/lib/hash.js
+++ b/server/modules/axios-ntlm/lib/hash.js
@@ -106,7 +106,7 @@ function createNTLMv2Response(type2message, username, ntlmhash, nonce, targetNam
 function createPseudoRandomValue(length) {
     var str = '';
     while (str.length < length) {
-        str += Math.floor(Math.random() * 16).toString(16);
+        str += Math.floor(crypto.randomBytes() * 16).toString(16);
     }
     return str;
 }