Use of Wrong Operator in String Comparison in erikdubbelboer/phpredisadmin


Reported on

Oct 5th 2021


$response is a salted MD5 hash computed over the concatenated hashes of the credentials together with other parameters.

It has been discovered that $response is compared with $data['response'] using the loose comparison operator != in file This can cause unexpected behaviour due to PHP type juggling: when both operands are numeric-looking strings, they are compared as numbers rather than byte for byte.

This reduces the effective strength of the hash comparison (a "magic hash" attack, where two different digests compare as equal), which can be leveraged to bypass authentication.


This vulnerability is capable of authentication bypass


Use !== instead
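The following is an added example, not code from phpredisadmin, showing why the loose != comparison described above is unsafe for hash strings and how the recommended !== (or PHP's hash_equals()) fixes it. The function names and the two sample digest strings are constructed for the demonstration; the sample strings are not real MD5 output, they merely have the "0e" followed by digits shape that PHP treats as a numeric string.

```php
<?php
// Added example (not phpredisadmin code): loose vs strict comparison of hash strings.

// Loose check, mirroring the pattern the report describes. When both strings
// are numeric-looking (for example "0e" followed only by digits), PHP compares
// them as floats, so two different digests can compare as equal and the
// function wrongly accepts the response.
function responseMatchesLoose(string $expected, string $given): bool
{
    if ($expected != $given) {
        return false;
    }
    return true;
}

// Strict check: the fix the report recommends. !== compares type and exact
// bytes, so the numeric-string coercion never happens.
function responseMatchesStrict(string $expected, string $given): bool
{
    if ($expected !== $given) {
        return false;
    }
    return true;
}

// Preferred form for secrets: hash_equals() is both strict and constant-time,
// so it also avoids leaking how many leading bytes matched via timing.
function responseMatchesHashEquals(string $expected, string $given): bool
{
    return hash_equals($expected, $given);
}

// Constructed sample values (NOT real MD5 digests). Both parse as the float 0.0
// in a loose comparison, which is exactly the type-juggling case at issue.
$stored   = '0e111111111111111111111111111111';
$supplied = '0e222222222222222222222222222222';

var_dump(responseMatchesLoose($stored, $supplied));
var_dump(responseMatchesStrict($stored, $supplied));
var_dump(responseMatchesHashEquals($stored, $supplied));

// Sanity check: an identical string still matches under the strict checks.
var_dump(responseMatchesStrict($stored, $stored));
var_dump(responseMatchesHashEquals($stored, $stored));
```

Running this prints true for the loose check on the two different strings (the bypass the report describes) and false for both strict checks; the final two calls confirm that legitimate, byte-identical responses are still accepted. The same numeric-string behaviour applies to == versus ===, so any hash or token comparison in PHP should use ===, !==, or hash_equals().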

We have contacted a member of the erikdubbelboer/phpredisadmin team and are waiting to hear back a year ago
Erik Dubbelboer validated this vulnerability a year ago
Viky has been awarded the disclosure bounty
The fix bounty is now up for grabs
Erik Dubbelboer marked this as fixed with commit 31aa76 a year ago
The fix bounty has been dropped
This vulnerability will not receive a CVE