CVE-2025-44040
HIGH
OrangeHRM 5.7 - Privilege Escalation via UserService.php Loose-Equality Comparison
Title source: llmDescription
An issue in OrangeHRM v.5.7 allows an attacker to escalate privileges via UserService.php and the checkForOldHash function. Authentication decisions may be made via PHP loose-equality comparisons if a specific MD5 value is present in the credential store. NOTE: this is disputed by the Supplier because an adversary has no way to place the specific MD5 value into the credential store (unless they already have full privileges) and because the specific MD5 value would not realistically be present otherwise.
References (2)
Core References
Third Party Advisory
https://github.com/hexomedin3/advisories/tree/main/CVE-2025-44040
Release Notes
https://github.com/orangehrm/orangehrm/releases/tag/v5.7
Scores
CVSS v3
7.2
EPSS
0.0040
EPSS Percentile
32.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-269
Status
published
Products (1)
orangehrm/orangehrm
5.7
Published
May 21, 2025
Tracked Since
Feb 18, 2026