CVE-2018-5354

HIGH

ANIXIS Password Reset Client <3.22 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-5354. PoCs published by missing0x00.

AI-analyzed exploit summary: The repository provides a detailed writeup for CVE-2018-5354, a privilege escalation/RCE vulnerability in ANIXIS Password Reset Client before version 3.22. The exploit involves spoofing attacks to redirect traffic and gain code execution in the context of WinLogon.exe.

Description

The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP.

Exploits (1)

nomisec WRITEUP
by missing0x00 · poc
https://github.com/missing0x00/CVE-2018-5354

Classification: Writeup 100%
Attack Type: RCE | LPE
Complexity: Moderate
Reliability: Reliable
Target: ANIXIS Password Reset Client before version 3.22
No auth needed
Prerequisites: Spoofing capability (ARP, physical access, etc.) · RDP access if NLA is not enforced · Web server to serve malicious file
mistral-large-3 · analyzed Feb 16, 2026

References (2)

Core References
Vendor Advisory (x_refsource_misc): http://anixis.com
Exploit, Third Party Advisory (x_refsource_misc): https://github.com/missing0x00/CVE-2018-5354

Scores

CVSS v3: 8.8
EPSS: 0.0268
EPSS Percentile: 84.0%
Attack Vector: ADJACENT_NETWORK
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-290
Status: published
Products (1): anixis/password_reset_client < 3.22
Published: Sep 30, 2020
Tracked Since: Feb 18, 2026