CVE-2018-9160

CRITICAL

SickRage < 2018.03.09-1 - Unprotected Credential Exposure via HTTP Response

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2018-9160: PoCs published by Sven Fassbender (exploit-db), mechanico (GitHub), and Sven Fassbender with Shelby Pace, the last being the Metasploit module auxiliary/scanner/http/http_sickrage_password_leak.

AI-analyzed exploit summary: This exploit demonstrates an information leakage vulnerability in SickRage where clear-text credentials (e.g., GitHub, AniDB) are exposed in HTTP responses when no authentication is configured. The PoC fetches the credentials by parsing the HTML response from the `/config/general` endpoint.

Description

SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.

Exploits (3)

exploitdb · WORKING POC
by Sven Fassbender · python · webapps · linux
https://www.exploit-db.com/exploits/44545

This exploit demonstrates an information leakage vulnerability in SickRage where clear-text credentials (e.g., GitHub, AniDB) are exposed in HTTP responses when no authentication is configured. The PoC fetches the credentials by parsing the HTML response from the `/config/general` endpoint.

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: SickRage < v2018.03.09-1
No auth needed
Prerequisites: SickRage instance without authentication enabled · Network access to the SickRage web interface
devstral-2 · analyzed Feb 16, 2026
nomisec · WORKING POC
by mechanico · poc
https://github.com/mechanico/sickrageWTF

This PoC exploits CVE-2018-9160, an information leakage vulnerability in SickRage where clear-text credentials (e.g., GitHub) are exposed in HTTP responses. The script fetches the `/config/general` endpoint and parses the HTML to extract credentials from input fields.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: SickRage < v2018.03.09-1
No auth needed
Prerequisites: SickRage instance without authentication enabled · Access to the SickRage web interface
devstral-2 · analyzed Feb 16, 2026
metasploit · WORKING POC
by Sven Fassbender, Shelby Pace · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/http_sickrage_password_leak.rb

This Metasploit module exploits an information leak vulnerability in SickRage to extract saved GitHub and other service credentials from HTTP responses. It checks for authentication and parses HTML to retrieve credentials from configuration pages.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: SickRage < v2018-09-03
No auth needed
Prerequisites: Network access to the SickRage web interface · SickRage instance without login protection
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References (3)
Exploit, Third Party Advisory, VDB Entry · exploit · x_refsource_exploit-db
https://www.exploit-db.com/exploits/44545/

Scores

CVSS v3 9.8
EPSS 0.7652
EPSS Percentile 99.5%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-522
Status published
Products (2)
pypi/sickrage 0 - 2018.03.09-1 (PyPI)
sickrage/sickrage < 9.2.101
Published Mar 31, 2018
Tracked Since Feb 18, 2026