Exploitation Summary
EIP tracks 1 public exploit for CVE-2020-35775. PoC published by skysbsb.
AI-analyzed exploit summary: This writeup describes an LDAP injection vulnerability combined with a logic error in CITSmart ITSM, allowing authentication bypass by exploiting the order of returned LDAP query results. The attacker must know at least one valid username/password to trigger the flaw.
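The flaw class summarized above (unescaped user input in an LDAP search filter, plus a login routine whose credential check and session identity come from different entries of a multi-result search), as an added illustration. This is my own example, not CITSmart's code and not the exploit author's PoC: the in-memory directory, the `(&(objectclass=person)(uid=...))` filter template and the `vulnerable_login` / `hardened_login` logic are all hypothetical, and the real code path in LDAPUtils.java is not reproduced. What it shows is why such a PoC needs one valid account: the injected username makes the search return the target first, the attacker's own password satisfies the bind, and the session is created for the target.

```python
import re

# Constructed in-memory directory standing in for the LDAP server (sample data, not real accounts).
# List order is the order a search "returns" entries in, which is what the bypass leans on.
DIRECTORY = [
    {"dn": "cn=admin,ou=people,dc=example,dc=com", "objectclass": ["person"],
     "uid": ["admin"], "userpassword": ["Adm1n-Secret!"]},
    {"dn": "cn=alice,ou=people,dc=example,dc=com", "objectclass": ["person"],
     "uid": ["alice"], "userpassword": ["alice-pw"]},
    {"dn": "cn=svc-backup,ou=services,dc=example,dc=com", "objectclass": ["account"],
     "uid": ["svc-backup"], "userpassword": ["svc-pw"]},
]


def escape_filter_value(value: str) -> str:
    """RFC 4515 escaping of an assertion value: the metacharacters \\ * ( ) NUL become \\XX hex escapes."""
    return "".join("\\%02x" % ord(ch) if ch in "\\*()\x00" else ch for ch in value)


def _unescape(value: str) -> str:
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)


def parse_filter(text: str, pos: int = 0):
    """Tiny RFC 4515 filter parser (AND, OR, NOT, equality with '*' wildcards).
    Returns (predicate over an entry dict, index just past the parsed filter)."""
    if text[pos] != "(":
        raise ValueError(f"expected '(' at offset {pos}")
    pos += 1
    op = text[pos]
    if op in "&|":
        subs, pos = [], pos + 1
        while text[pos] == "(":
            sub, pos = parse_filter(text, pos)
            subs.append(sub)
        combine = all if op == "&" else any
        pred = lambda e, subs=subs, combine=combine: combine(p(e) for p in subs)
    elif op == "!":
        inner, pos = parse_filter(text, pos + 1)
        pred = lambda e, inner=inner: not inner(e)
    else:
        end = text.index(")", pos)          # a raw ')' from user input terminates the item here
        attr, _, val = text[pos:end].partition("=")
        # '*' is a wildcard; everything else (after \XX unescaping) is matched literally.
        pattern = "^" + ".*".join(re.escape(_unescape(piece)) for piece in val.split("*")) + "$"
        rx = re.compile(pattern, re.IGNORECASE)
        pred = lambda e, a=attr.lower(), rx=rx: any(rx.match(v) for v in e.get(a, []))
        pos = end
    if text[pos] != ")":
        raise ValueError(f"expected ')' at offset {pos}")
    return pred, pos + 1


def ldap_search(filter_text: str):
    """Simulated server: evaluates the filter over DIRECTORY, rejecting trailing garbage."""
    pred, end = parse_filter(filter_text)
    if end != len(filter_text):
        raise ValueError("trailing data after filter")
    return [e for e in DIRECTORY if pred(e)]


def ldap_bind(dn: str, password: str) -> bool:
    """Simulated simple bind: succeeds only if the DN exists and the password matches."""
    return any(e["dn"] == dn and password in e["userpassword"] for e in DIRECTORY)


def vulnerable_login(username, password):
    """Hypothetical model of the flaw class: the username is concatenated into the filter
    unescaped, the bind is tried against every returned entry, and the session is then
    created for whichever entry the directory returned FIRST."""
    results = ldap_search(f"(&(objectclass=person)(uid={username}))")
    if not results:
        return None
    if any(ldap_bind(e["dn"], password) for e in results):
        return results[0]["uid"][0]
    return None


def hardened_login(username, password):
    """Escape the value, demand exactly one match, bind as that DN, take the identity from it."""
    results = ldap_search(f"(&(objectclass=person)(uid={escape_filter_value(username)}))")
    if len(results) != 1:
        return None
    entry = results[0]
    return entry["uid"][0] if ldap_bind(entry["dn"], password) else None


if __name__ == "__main__":
    # Alice knows only her own password. The injected username yields the well-formed filter
    # (&(objectclass=person)(uid=*)(|(uid=admin)(uid=alice))), which returns admin before alice.
    payload = "*)(|(uid=admin)(uid=alice)"
    print("vulnerable:", vulnerable_login(payload, "alice-pw"))
    print("hardened:", hardened_login(payload, "alice-pw"))
    print("hardened, legitimate:", hardened_login("alice", "alice-pw"))
```

The hardened version closes the bypass three independent ways: RFC 4515 escaping turns the injected parentheses and wildcard into literal characters, a search that does not return exactly one entry is refused, and both the bind and the session identity use the DN of that single entry rather than the string the client submitted. A bare `*` as the username defeats the vulnerable routine just as well as the targeted payload, since it also returns the whole directory with admin first.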
Description
CITSmart before 9.1.2.23 allows LDAP Injection.
Exploits (1)
exploitdb
WRITEUP
by skysbsb · text · webapps · java
https://www.exploit-db.com/exploits/49762
Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target:
CITSmart ITSM < 9.1.2.23
Auth required
Prerequisites:
Valid username/password for at least one account · Access to the login page
devstral-2 · analyzed Feb 16, 2026
References (5)
Product, Vendor Advisory
https://citsmart.com.br/solucoes/itsm-2/
Third Party Advisory (source of LDAPUtils.java)
https://github.com/nardnet/citsmart/blob/master/WEB-INF/src/br/com/centralit/citcorpore/integracao/ad/LDAPUtils.java
Product
https://rdstation-static.s3.amazonaws.com/cms/files/86153/1597862259Ebook-Whatsnew-CITSmart.pdf
Release Notes, Vendor Advisory
https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html
Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/162181/CITSmart-ITSM-9.1.2.22-LDAP-Injection.html
Scores
CVSS v3
9.8
EPSS
0.1331
EPSS Percentile
95.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Note that this vector scores PR:N (no privileges required), whereas the tracked PoC lists a valid username/password for at least one account as a prerequisite; read the 9.8 with that difference in mind.
Details
CWE
CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, 'Injection')
Status
published
Products (1)
citsmart/citsmart
< 9.1.2.23
Published
Feb 15, 2021
Tracked Since
Feb 18, 2026