DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. This vulnerability allows attackers to gain access to the application via a bruteforce attack.
DoraCMS v2.1.8 reuses the same verification code when validating username and password, instead of generating a new code for each login attempt. This mechanism (CWE-307 – lack of restrictions on excessive authentication attempts) allows an attacker to make multiple login attempts without invalidating the verification code. As a result, automated mass testing of authentication credentials using brute-force method is possible.
An attacker can gain unauthorized access to a user or administrator account of the application, potentially resulting in complete system takeover and violation of data confidentiality, integrity, and availability.
Patches available from the vendor should be applied according to references. Additionally, it is recommended to implement mechanisms limiting login attempts (e.g., account lockout after a specified number of failed attempts, CAPTCHA, rate limiting) and enforce generation of a new verification code after each authentication attempt.
DoraCMS v2.1.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HHtml Js Doracms
APPHtml-Js2.1.8
Related vulnerabilities
DoraCMS 2.1.8 — użycie zakodowanego na stałe klucza kryptograficznego
DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request.
Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary ...
Weak Encoding for Password in DoraCMS v2.1.1 and earlier allows attackers to obtain sensitive information as i...
A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the fi...