DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key.
The cryptographic key is embedded directly in the source code of the DoraCMS application, which means that each instance of the software uses an identical, publicly available or easily readable secret. An attacker, knowing this key, can forge session tokens, sign malicious data, or otherwise bypass authentication and authorization mechanisms. The vulnerability severity (CVSS 9.8) indicates that the attack can be carried out remotely without authentication and without any user interaction.
An attacker can gain full control over the application — read and modify protected data (C:H, I:H) and cause service unavailability (A:H), which corresponds to maximum impact in all three security areas.
Patches available from the vendor should be applied according to the references. It is recommended to update DoraCMS as soon as possible to a version where the cryptographic key is generated individually per instance, and immediately change all keys and secrets in production deployments based on version 2.1.8.
DoraCMS version 2.1.8 (Html-Js DoraCMS)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HHtml Js Doracms
APPHtml-Js2.1.8
Related vulnerabilities
DoraCMS – podatność na atak brute-force przez ponowne użycie kodu weryfikacyjnego
DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request.
Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary ...
Weak Encoding for Password in DoraCMS v2.1.1 and earlier allows attackers to obtain sensitive information as i...
A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the fi...