CVE-2020-7378

CRITICAL

OpenCRX < 5.0-20200904 - Unauthenticated Unverified Password Change

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2020-7378. PoCs published by ruthvikvegunta, loganpkinfosec.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2020-7378, which leverages weak randomness in OpenCRX's password reset tokens to perform unauthenticated account takeover. The exploit automates token prediction and password reset, then cleans up traces by deleting related emails.

Description

CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in version 5.0-20200904, released September 4, 2020.

Exploits (2)

nomisec WORKING POC 5 stars
by ruthvikvegunta · poc
https://github.com/ruthvikvegunta/openCRX-CVE-2020-7378

This repository contains a functional Python exploit for CVE-2020-7378, which leverages weak randomness in OpenCRX's password reset tokens to perform unauthenticated account takeover. The exploit automates token prediction and password reset, then cleans up traces by deleting related emails.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: OpenCRX v4.2.0 (and other versions)
No auth needed
Prerequisites: Network access to OpenCRX login page · Valid username to target
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC
by loganpkinfosec · poc
https://github.com/loganpkinfosec/CVE-2020-7378

This repository contains a functional exploit for CVE-2020-7378, combining a predictable password reset token vulnerability and an XXE flaw in OpenCRX. The exploit includes a Java token generator and a Python script to automate the attack chain.

Classification
Working Poc 95%
Attack Type
Auth Bypass, Info Leak
Complexity
Moderate
Reliability
Reliable
Target: OpenCRX ≤ 5.0-20200717
No auth needed
Prerequisites: Access to the target OpenCRX instance · Knowledge of a valid user ID
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 9.1
EPSS 0.0262
EPSS Percentile 83.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE
CWE-620 CWE-287
Status published
Products (3)
opencrx/opencrx 5.0 20200714 (3 CPE variants)
opencrx/opencrx 5.0.0
opencrx/opencrx < 4.3.0
Published Nov 24, 2020
Tracked Since Feb 18, 2026