In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang.RandomStringUtils, which uses java.util.Random internally. This PRNG has a 48-bit seed that can easily be bruteforced, leading to trivial privilege escalation attacks.
Max CVSS: 9.8 | EPSS Score: 0.77% | Published: 2019-04-07 | Updated: 2021-07-21
Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of airsonic in GlobalSecurityConfig.java. An attacker able to capture cookies might be able to trivially bruteforce offline the passwords of associated users.
Max CVSS: 9.8 | EPSS Score: 0.22% | Published: 2019-04-07 | Updated: 2020-08-24
XXE (XML External Entity) issue in Airsonic before 10.1.2 during parsing.
Max CVSS: 9.8 | EPSS Score: 0.24% | Published: 2019-04-04 | Updated: 2019-04-08
3 vulnerabilities found