CVE-2024-0787

MEDIUM EPSS 36.2%
Published Nov 15, 20241y ago · Modified Jun 17, 20261w ago
5.9 CVSS 3.1
Medium
Find Similar
Published Nov 15, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'get_user_ip()' function in 'class.Common.php' at lines 1044 and 1045, where the presence of the 'X-Forwarded-For' header is checked and used instead of 'REMOTE_ADDR'. This vulnerability allows attackers to perform brute force attacks on user accounts, including the admin account. The issue is fixed in version 1.7.0.

CVSS Details

Base Score
5.9
Exploitability
2.2
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
36.2% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-307

Affected Products 1

VendorProductVersionRange
phpipamphpipam* <1.7.0

References 2

  • github.com https://github.com/phpipam/phpipam/commit/55c2056068be9f1359e967fcff64db6b7f4d00b5
    Patch
  • huntr.com https://huntr.com/bounties/840cb582-1feb-43ab-9cc4-e4b5a63c5bab
    ExploitThird Party Advisory

Remediation

  • github.com https://github.com/phpipam/phpipam/commit/55c2056068be9f1359e967fcff64db6b7f4d00b5
    Patch