CVE-2018-16988

CRITICAL

Open XDMoD <7.5.0 - Auth Bypass

Title source: llm

Description

An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover) exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value requires only 600 guesses in the plausible situation where the attacker knows that the victim has started a password-reset process (pass_reset.php, password_reset.php, XDUser.php) in the past few minutes.

References (1)

[Third Party Advisory] https://github.com/grymer/CVE/blob/master/CVE-2018-16988.md

View Writeup ZIP pw:eip

Scores

CVSS v3 9.8

EPSS 0.0031

EPSS Percentile 53.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-640

Status published

Products (2)

xdmod/open_xdmod 7.5.0 (3 CPE variants)

xdmod/open_xdmod < 7.0.1

Published May 02, 2019

Tracked Since Feb 18, 2026