Vulners
Lucene search
PHPIPAM <v1.5.1 - Missing Authorization
| Reporter | Title | Published | Views | Family All 20 |
|---|---|---|---|---|
 | Improper authorization | 18 Jan 202318:25 | – | huntr |
 | CVE-2023-0678 | 5 Feb 202309:33 | – | circl |
 | phpIPAM 授权问题问题漏洞 | 4 Feb 202300:00 | – | cnnvd |
 | phpIPAM authorization issue issue vulnerability | 7 Feb 202300:00 | – | cnvd |
 | CVE-2023-0678 | 4 Feb 202300:00 | – | cve |
 | CVE-2023-0678 Missing Authorization in phpipam/phpipam | 4 Feb 202300:00 | – | cvelist |
 | CVE-2023-0678 | 4 Feb 202313:15 | – | nvd |
 | phpIPAM < 1.5.1 Multiple Vulnerabilities | 6 Feb 202300:00 | – | openvas |
 | CVE-2023-0678 Missing Authorization in phpipam/phpipam | 4 Feb 202300:00 | – | osv |
 | Authorization | 4 Feb 202313:15 | – | prion |
10
id: CVE-2023-0678
info:
name: PHPIPAM <v1.5.1 - Missing Authorization
author: princechaddha,ritikchaddha
severity: medium
description: |
In phpIPAM 1.5.1, an unauthenticated user could download the list of high-usage IP subnets that contains sensitive information such as a subnet description, IP ranges, and usage rates via find_full_subnets.php endpoint. The bug lies in the fact that find_full_subnets.php does not verify if the user is authorized to access the data, and if the script was started from a command line.
impact: |
Unauthenticated attackers can access sensitive network information including IP subnet descriptions, ranges, and usage rates through the find_full_subnets.php endpoint without authorization.
remediation: |
Update phpIPAM to version 1.5.1 or later that implements proper authorization checks in find_full_subnets.php before returning subnet information.
reference:
- https://github.com/phpipam/phpipam/commit/1960bd24e8a55796da066237cf11272c44bb1cc4
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2023-0678
cwe-id: CWE-862
epss-score: 0.67615
epss-percentile: 0.98594
cpe: cpe:2.3:a:phpipam:phpipam:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: phpipam
product: phpipam
shodan-query:
- "html:\"phpIPAM IP address management\""
- http.html:"phpipam ip address management"
fofa-query: "body=\"phpipam ip address management\""
tags: cve,cve2023,php,phpipam,unauth,vuln
http:
- method: GET
path:
- "{{BaseURL}}/functions/scripts/find_full_subnets.php"
matchers:
- type: dsl
dsl:
- 'contains_all(body, "Array", "[subnet]", "[description]")'
- 'status_code == 200'
condition: and
# digest: 4b0a00483046022100ce625b1d99c9faf1d343f8995acef1512f0e7e96c141cc345b45ffc2cf4e193a022100f0a8d8334e2e236a07832765c1dbb79fced90771339f834590e0c8e1ac67cdc2:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
6.7Medium risk
Vulners AI Score6.7
CVSS 3.15.3
CVSS 37.5
EPSS0.67615
SSVC