CVE-2017-5496

CRITICAL

Sawmill Enterprise 8.7.9 - Authentication Bypass via Password Hash

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-5496. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This is a detailed writeup describing a 'Pass the Hash' authentication bypass vulnerability in Sawmill Enterprise v8.7.9. The vulnerability allows an attacker to use MD5 password hashes directly for authentication, bypassing the need for the actual password.

Description

Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of a password hash.

Exploits (1)

exploitdb WRITEUP
by hyp3rlinx · textwebappswindows
https://www.exploit-db.com/exploits/41395

This is a detailed writeup describing a 'Pass the Hash' authentication bypass vulnerability in Sawmill Enterprise v8.7.9. The vulnerability allows an attacker to use MD5 password hashes directly for authentication, bypassing the need for the actual password.

Classification
Writeup 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Sawmill Enterprise v8.7.9
No auth needed
Prerequisites: Access to the 'users.cfg' file containing password hashes
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41395/
Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2017/Feb/46

Scores

CVSS v3 9.8
EPSS 0.0577
EPSS Percentile 92.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-200
Status published
Products (1)
sawmill/sawmill 8.7.9
Published Mar 15, 2017
Tracked Since Feb 18, 2026