Use of Wrong Operator in String Comparison in erikdubbelboer/phpredisadmin
Oct 5th 2021
$response is a salted md5 hash generated from the concatenated hashes of the credentials together with other parameters. It has been discovered that $response is compared with $data['response'] using the comparison operator != in the file login.inc.php. This might cause unexpected behavior due to type juggling. It is possible to reduce the strength of the hash by using a magic hash attack, which can be leveraged to bypass authentication.
This vulnerability is capable of authentication bypass
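The type juggling described above, as an added PHP example (not phpredisadmin's code and not the fix commit): it runs the same pairs of digests through a loose != check and a hash_equals() check. The function names are hypothetical and the digest strings are constructed to have the shape of md5 output.

```php
<?php
// Added illustration; function names are hypothetical, not phpredisadmin code.

// Loose check with the operator named in the report. When both operands are
// numeric strings, PHP compares them as numbers, not byte for byte.
function rejected_loose(string $response, string $supplied): bool {
    return $response != $supplied;
}

// Hardened check: hash_equals() compares the strings byte for byte, in constant time.
function rejected_strict(string $response, string $supplied): bool {
    return !hash_equals($response, $supplied);
}

// True when a digest reads as a float in exponent notation (0 x 10^n == 0).
function is_magic_shaped(string $digest): bool {
    return preg_match('/^0+e[0-9]+$/', $digest) === 1;
}

// Constructed 32-character strings shaped like md5 output; not real digests.
$cases = [
    'both magic-shaped' => ['0e123456789012345678901234567890', '0e987654321098765432109876543210'],
    'ordinary expected' => ['a3f1c0de5b7e4d2a9c8f00112233aabb', '0e987654321098765432109876543210'],
    'identical strings' => ['a3f1c0de5b7e4d2a9c8f00112233aabb', 'a3f1c0de5b7e4d2a9c8f00112233aabb'],
];

foreach ($cases as $label => [$response, $supplied]) {
    printf(
        "%-18s magic-shaped=%-3s loose=%-8s strict=%s\n",
        $label,
        is_magic_shaped($response) ? 'yes' : 'no',
        rejected_loose($response, $supplied) ? 'rejected' : 'accepted',
        rejected_strict($response, $supplied) ? 'rejected' : 'accepted'
    );
}
```

Only the first row differs between the two checks: the loose comparison accepts two different digests because both evaluate to zero as numbers, while hash_equals() rejects them.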
We have contacted a member of the erikdubbelboer/phpredisadmin team and are waiting to hear back a year ago
Erik Dubbelboer validated this vulnerability a year ago
Viky has been awarded the disclosure bounty
The fix bounty is now up for grabs
Erik Dubbelboer marked this as fixed with commit 31aa76 a year ago
The fix bounty has been dropped
This vulnerability will not receive a CVE