CVE-2018-7211

HIGH

iDashboards < 9.6b - Weak Obfuscation in SSO Implementation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-7211. PoCs published by c3r34lk1ll3r.

AI-analyzed exploit summary This repository contains a Python script demonstrating encryption/decryption logic related to CVE-2018-7211, a vulnerability in iDashboards 9.6b. The script itself does not exploit the vulnerability but provides cryptographic functions likely used in the exploitation process.

Description

An issue was discovered in iDashboards 9.6b. The SSO implementation is affected by a weak obfuscation library, allowing man-in-the-middle attackers to discover credentials.

Exploits (1)

nomisec WORKING POC

by c3r34lk1ll3r · poc

https://github.com/c3r34lk1ll3r/CVE-2018-7211-PoC

View Code ZIP pw:eip

This repository contains a Python script demonstrating encryption/decryption logic related to CVE-2018-7211, a vulnerability in iDashboards 9.6b. The script itself does not exploit the vulnerability but provides cryptographic functions likely used in the exploitation process.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: iDashboards 9.6b

No auth needed

Prerequisites: None

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://membership.backbox.org/idashboards-9-6b-multiple-vulnerabilities/

Scores

CVSS v3 8.1

EPSS 0.0077

EPSS Percentile 50.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-327

Status published

Products (1)

idashboards/idashboards < 9.6b

Published Feb 18, 2018

Tracked Since Feb 18, 2026