CVE-2010-4279
Artica Pandora Fms < 3.1 - Authentication Bypass
Title source: ruleDescription
The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash_pwd field, which allows remote attackers to bypass authentication by sending a request to index.php with "admin" in the loginhash_user parameter, in conjunction with the md5 hash of "admin" in the loginhash_data parameter.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotephp
https://www.exploit-db.com/exploits/35731
exploitdb
WRITEUP
VERIFIED
by Juan Galiana Lara · textwebappsphp
https://www.exploit-db.com/exploits/15639
metasploit
WORKING POC
EXCELLENT
by Juan Galiana Lara · rubypocphp
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/pandora_upload_exec.rb
References (9)
Scores
EPSS
0.8175
EPSS Percentile
99.2%
Classification
CWE
CWE-287
Status
draft
Affected Products (16)
artica/pandora_fms
< 3.1
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
artica/pandora_fms
... and 1 more
Timeline
Published
Dec 02, 2010
Tracked Since
Feb 18, 2026