CVE-2018-16988
CRITICALOpen XDMoD through 7.5.0 - Authentication Bypass via Weak Password Reset Mechanism
Title source: llmDescription
An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover) exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value requires only 600 guesses in the plausible situation where the attacker knows that the victim has started a password-reset process (pass_reset.php, password_reset.php, XDUser.php) in the past few minutes.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://github.com/grymer/CVE/blob/master/CVE-2018-16988.md
Scores
CVSS v3
9.8
EPSS
0.0160
EPSS Percentile
72.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-640
Status
published
Products (3)
buffalo/open_xdmod
< 8.0.0
xdmod/open_xdmod
7.5.0 (3 CPE variants)
xdmod/open_xdmod
< 7.0.1
Published
May 02, 2019
Tracked Since
Feb 18, 2026