10-year-old phpBB vulnerability allows admin account takeover

A 10-year-old authentication bypass vulnerability in the phpBB forum software allows attackers to log in as any user, including administrators. The flaw, which has not been assigned an identifier, is easily exploitable with a single HTTP request and affects phpBB 3.3.16 and earlier as well as 4.0.0-a2 and earlier. Researchers at Aikido discovered the bug and reported it through phpBB's HackerOne Vulnerability Disclosure Program, as reported by Bleeping Computer.

The vulnerability, introduced 10 years ago, affects all versions of the 3.x and 4.x release branches up to those versions. A fix is available for the 3.x branch in version 3.3.17, but no fix is yet available for the 4.x branch. Exploiting the bug requires no special configuration and can be triggered on default settings. Administrator access could allow attackers to view private messages, create or delete content and user accounts, impersonate staff, or deface websites. The member list on phpBB forums is public by default, making target selection straightforward. Remote code execution is not possible because the Admin Control Panel has a separate password check.
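For administrators triaging their own installs, the only facts the article gives are the version thresholds: 3.x is fixed in 3.3.17, and on 4.x everything up to and including 4.0.0-a2 is affected with no fix named. The script below is an added example, not code from the article, Aikido or the phpBB project. It parses a phpBB version string (including pre-release tags such as `a2`, `b1` or `RC1`, which must sort before the final release) and classifies it against those thresholds; the `extract_version` helper assumes the `@define('PHPBB_VERSION', '...')` line found in phpBB's `includes/constants.php`, and the PHP snippet it is run against is constructed for the demonstration.

```python
import re
from typing import Tuple

# Thresholds as stated in the article. Everything else is an assumption.
FIRST_FIXED_3X = "3.3.17"        # 3.x: fixed in 3.3.17
LAST_KNOWN_AFFECTED_4X = "4.0.0-a2"  # 4.x: no fix named; 4.0.0-a2 and earlier affected

# MAJOR.MINOR.PATCH with an optional pre-release tag such as -a2, -b1, -RC1
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-([A-Za-z]+)(\d*))?$")

# Assumed format of the version line in includes/constants.php; verify
# against your own install before relying on it.
_DEFINE_RE = re.compile(r"""define\(\s*['"]PHPBB_VERSION['"]\s*,\s*['"]([^'"]+)['"]\s*\)""")


def parse_version(version: str) -> Tuple[int, int, int, int, str, int]:
    """Turn a phpBB version string into a tuple that sorts correctly.

    A final release gets rank 1 so that it sorts after any pre-release of
    the same number, which gets rank 0 followed by the tag and its number.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised phpBB version string: {version!r}")
    major, minor, patch, tag, num = m.groups()
    if tag is None:
        return (int(major), int(minor), int(patch), 1, "", 0)
    return (int(major), int(minor), int(patch), 0, tag.lower(), int(num or 0))


def assess(version: str) -> str:
    """Classify a version as 'affected', 'fixed', 'unknown' or 'out of scope'."""
    key = parse_version(version)
    if key[0] == 3:
        return "affected" if key < parse_version(FIRST_FIXED_3X) else "fixed"
    if key[0] == 4:
        # No fixed 4.x release is named, so anything newer than 4.0.0-a2 is
        # not known to be safe; report it as unknown rather than fixed.
        return "affected" if key <= parse_version(LAST_KNOWN_AFFECTED_4X) else "unknown"
    return "out of scope"


def extract_version(constants_php: str) -> str:
    """Pull the PHPBB_VERSION value out of the text of includes/constants.php."""
    m = _DEFINE_RE.search(constants_php)
    if not m:
        raise ValueError("PHPBB_VERSION define not found")
    return m.group(1)


# Constructed stand-in for a real includes/constants.php file.
SAMPLE_CONSTANTS_PHP = """<?php
// phpBB Version
@define('PHPBB_VERSION', '3.3.16');
"""

if __name__ == "__main__":
    found = extract_version(SAMPLE_CONSTANTS_PHP)
    print(f"installed phpBB {found}: {assess(found)}")
    for v in ("3.3.17", "4.0.0-a2", "4.0.0-b1", "4.0.0"):
        print(f"phpBB {v}: {assess(v)}")
```

In a real deployment, read `includes/constants.php` from the forum's document root and feed its contents to `extract_version`; treat any `unknown` result on 4.x as unpatched until the project names a fixed release.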

Aikido withheld technical details to allow administrators time to update and has contacted large phpBB forum administrators directly. Updates may cause issues with OAuth authentication, but this is expected to be a simple fix.

Source: Bleeping Computer
