CVE-2018-15681

CRITICAL

BTITeam XBTIT <2.5.4 - Info Disclosure

Title source: llm

Description

An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully steals this cookie can efficiently brute-force it to retrieve the user's cleartext password.

References (1)

[Exploit, Mitigation, Third Party Advisory] https://rastating.github.io/xbtit-multiple-vulnerabilities/

Scores

CVSS v3 9.8

EPSS 0.0019

EPSS Percentile 41.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-732 CWE-916

Status published

Products (1)

btiteam/xbtit 2.5.4

Published Sep 05, 2018

Tracked Since Feb 18, 2026