Description
A weakness has been identified in CRMEB up to 5.6.3. The impacted element is the function remoteRegister of the file crmeb/app/services/user/LoginServices.php of the component JSON Token Handler. Executing a manipulation of the argument uid can lead to improper authentication. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-01-20
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass
Action: Assess Impact
AI Analysis

Impact

The flaw is in CRMEB's JSON Token Handler, in the remoteRegister function of crmeb/app/services/user/LoginServices.php. The uid argument of that function is attacker-controllable, and the function does not properly authenticate the caller as the owner of that uid before acting on it (CWE-287). An attacker who can reach the remote-registration flow can therefore influence which user account a request is treated as, which the record classifies as improper authentication. The public description does not detail what the attacker obtains beyond that; the scoring (confidentiality, integrity and availability each rated Low) reflects partial rather than total impact.
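The pattern behind an improper-authentication flaw of this shape, as an added illustration and not CRMEB's code: a remote-registration handler that reads uid from the request and mints a session for it, beside a hardened version that takes the uid only from an assertion signed by a trusted upstream and ignores any bare uid parameter. Everything here is constructed (the keys, the user table, the token format and the function names are assumptions, and Python is used for illustration although CRMEB itself is PHP); it does not reproduce the actual LoginServices.php logic, which this record does not show.

```python
from __future__ import annotations

import base64
import hashlib
import hmac
import json
import secrets
import time

# Hypothetical keys for this illustration only.
SERVER_KEY = secrets.token_bytes(32)                 # signs the session tokens this app issues
PARTNER_KEY = b"constructed-shared-secret-example"   # shared with the trusted upstream that asks us to register users

# Constructed user table standing in for the application's database.
USERS = {1001: "alice", 1002: "bob"}


def _sign(payload: dict, key: bytes) -> str:
    """Serialize payload and append an HMAC-SHA256 tag: base64url(json).base64url(tag)."""
    body = base64.urlsafe_b64encode(json.dumps(payload, sort_keys=True).encode()).decode()
    tag = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return body + "." + base64.urlsafe_b64encode(tag).decode()


def _verify(token: str, key: bytes) -> dict | None:
    """Return the payload only if the tag matches under `key` and the token has not expired."""
    try:
        body, tag_b64 = token.split(".", 1)
        expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, base64.urlsafe_b64decode(tag_b64)):
            return None
        payload = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return None
    if not isinstance(payload, dict) or payload.get("exp", 0) < time.time():
        return None
    return payload


def issue_session_token(uid: int, ttl: int = 3600) -> str:
    return _sign({"uid": uid, "exp": int(time.time()) + ttl}, SERVER_KEY)


def verify_session_token(token: str) -> dict | None:
    return _verify(token, SERVER_KEY)


def make_upstream_assertion(uid: int, key: bytes = PARTNER_KEY, ttl: int = 300) -> str:
    """What the trusted upstream would send: a short-lived signed statement 'this caller is uid'."""
    return _sign({"uid": uid, "exp": int(time.time()) + ttl}, key)


def remote_register_weak(request: dict) -> str | None:
    """Weak pattern (CWE-287): uid is read straight from the request and a session is minted for it."""
    try:
        uid = int(request["uid"])
    except (KeyError, ValueError, TypeError):
        return None
    if uid not in USERS:
        return None
    return issue_session_token(uid)   # anyone who knows a uid gets that user's session


def remote_register_hardened(request: dict) -> str | None:
    """Hardened: identity comes only from a verified upstream assertion; a bare uid is ignored."""
    assertion = request.get("assertion")
    if not isinstance(assertion, str):
        return None
    claims = _verify(assertion, PARTNER_KEY)   # session tokens (SERVER_KEY) do not verify here
    if claims is None or not isinstance(claims.get("uid"), int):
        return None
    uid = claims["uid"]
    if uid not in USERS:
        return None
    return issue_session_token(uid)


if __name__ == "__main__":
    forged = {"uid": "1001"}   # constructed attacker request: no credential, just a guessed uid
    print("weak handler issued session for:", verify_session_token(remote_register_weak(forged)))
    print("hardened handler on same request:", remote_register_hardened(forged))
    legit = {"assertion": make_upstream_assertion(1002)}
    print("hardened handler on signed assertion:", verify_session_token(remote_register_hardened(legit)))
```

The design point is key separation plus origin binding: the hardened handler never consults the uid field of the request, the assertion is only accepted under the upstream's key (so a session token from this same service cannot be replayed as an assertion), and the assertion carries its own expiry so a captured one has a short life.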

Affected Systems

The affected vendor is CRMEB. The description covers releases up to and including 5.6.3, and the NVD CPE entry (cpe:2.3:a:crmeb:crmeb:*) carries no version bound. No fixed release is named in this record and the vendor did not respond to the disclosure, so system owners running CRMEB 5.6.3 or earlier should treat themselves as affected until a release that changes remoteRegister is published.

Risk and Exploitability

The CVSS v4.0 base score of 6.3 is Medium (the v3.x vectors score 5.6 and the v2.0 vector 5.1; all three record a network attack vector, high attack complexity, and no privileges or user interaction required), while the EPSS estimate below 1% suggests exploitation in the wild is currently unlikely. A public proof of concept exists (SSVC: Exploitation 'poc', Automatable 'no', Technical Impact 'partial'), so this is a difficult but feasible attack for a determined adversary. The weakness is classified as CWE-287 (Improper Authentication). The vulnerability is not in CISA's KEV catalog.

Generated by OpenCVE AI on April 18, 2026 at 15:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Watch for and apply a CRMEB release or official patch that changes remoteRegister in LoginServices.php; none is identified in this record, and the vendor did not respond to the disclosure.
  • Until one exists, limit exposure of the remote-registration flow: restrict the routes that reach remoteRegister to the trusted upstream callers that legitimately use it (for example by network allow-listing or a shared secret) rather than leaving them reachable by anonymous internet clients.
  • Do not let a client-supplied uid select the account a request acts on; derive identity from a verified credential or signed token and treat the uid parameter as untrusted input. Log remoteRegister calls with source address, uid and outcome, and alert when one source binds many uids or one uid is bound from many sources.
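One way to act on the last point, as an added example rather than anything shipped by CRMEB or OpenCVE: two detection checks run over constructed remoteRegister log lines (the log format is hypothetical, since this record shows none), flagging a source address that binds many distinct uids within a short window, and a uid that gets bound from more than one source address.

```python
from __future__ import annotations

import re
from collections import defaultdict
from datetime import datetime

# Constructed log format for this illustration only; the page does not show CRMEB's real log layout.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) remoteRegister ip=(?P<ip>\S+) uid=(?P<uid>\d+) result=(?P<result>\w+)$"
)

# Constructed sample: one client walks uid 1001..1005 in a few seconds and, in passing,
# binds uid 1002, which a different client (its legitimate owner) bound earlier and later.
SAMPLE_LOG = """\
2026-01-21T10:00:01Z remoteRegister ip=198.51.100.7 uid=1002 result=ok
2026-01-21T10:00:05Z remoteRegister ip=203.0.113.5 uid=1001 result=ok
2026-01-21T10:00:06Z remoteRegister ip=203.0.113.5 uid=1002 result=ok
2026-01-21T10:00:06Z remoteRegister ip=203.0.113.5 uid=1003 result=ok
2026-01-21T10:00:07Z remoteRegister ip=203.0.113.5 uid=1004 result=ok
2026-01-21T10:00:09Z remoteRegister ip=203.0.113.5 uid=1005 result=ok
2026-01-21T10:09:30Z remoteRegister ip=198.51.100.7 uid=1002 result=ok
2026-01-21T11:00:00Z remoteRegister ip=192.0.2.9 uid=1006 result=ok
this line is not a remoteRegister event and is skipped
"""


def parse_events(text: str) -> list[dict]:
    """Parse remoteRegister lines into dicts sorted by time; non-matching lines are ignored."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
            "ip": m["ip"],
            "uid": int(m["uid"]),
            "result": m["result"],
        })
    return sorted(events, key=lambda e: e["ts"])


def find_uid_enumeration(text: str, window: int = 60, threshold: int = 3) -> dict[str, list[int]]:
    """Return {ip: [uids]} for sources that successfully bind >= threshold distinct uids
    within any `window`-second span (sliding window per source address)."""
    by_ip: dict[str, list[dict]] = defaultdict(list)
    for e in parse_events(text):
        if e["result"] == "ok":
            by_ip[e["ip"]].append(e)
    hits: dict[str, set[int]] = {}
    for ip, evs in by_ip.items():
        start = 0
        for end, ev in enumerate(evs):
            while (ev["ts"] - evs[start]["ts"]).total_seconds() > window:
                start += 1
            distinct = {x["uid"] for x in evs[start:end + 1]}
            if len(distinct) >= threshold:
                hits.setdefault(ip, set()).update(distinct)
    return {ip: sorted(uids) for ip, uids in hits.items()}


def find_shared_uids(text: str) -> dict[int, list[str]]:
    """Return {uid: [ips]} for uids successfully bound from more than one source address,
    the signature of a real user's account being bound by someone else."""
    ips: dict[int, set[str]] = defaultdict(set)
    for e in parse_events(text):
        if e["result"] == "ok":
            ips[e["uid"]].add(e["ip"])
    return {uid: sorted(v) for uid, v in ips.items() if len(v) > 1}


if __name__ == "__main__":
    print("uid enumeration:", find_uid_enumeration(SAMPLE_LOG))
    print("uid bound from several sources:", find_shared_uids(SAMPLE_LOG))
```

The first check catches probing (the attacker does not know which uids exist, so it tries many); the second catches a successful hit even if the attacker is slow and never trips the rate threshold. Tune `window` and `threshold` to the legitimate registration rate of the deployment before alerting on them.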

Generated by OpenCVE AI on April 18, 2026 at 15:47 UTC.

Advisories

No advisories yet.

History

Thu, 29 Jan 2026 21:15:00 +0000

Type: CPEs
Values Added: cpe:2.3:a:crmeb:crmeb:*:*:*:*:*:*:*:*

Tue, 20 Jan 2026 21:15:00 +0000

Type: Metrics
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 20 Jan 2026 08:45:00 +0000

Type: First Time appeared
Values Added: Crmeb; Crmeb crmeb

Type: Vendors & Products
Values Added: Crmeb; Crmeb crmeb

Tue, 20 Jan 2026 01:15:00 +0000

Type: Description
Values Added: A weakness has been identified in CRMEB up to 5.6.3. The impacted element is the function remoteRegister of the file crmeb/app/services/user/LoginServices.php of the component JSON Token Handler. Executing a manipulation of the argument uid can lead to improper authentication. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Type: Title
Values Added: CRMEB JSON Token LoginServices.php remoteRegister improper authentication

Type: Weaknesses
Values Added: CWE-287

Type: References
Values Added:

Type: Metrics
Values Added:
cvssV2_0 {'score': 5.1, 'vector': 'AV:N/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
cvssV3_0 {'score': 5.6, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
cvssV3_1 {'score': 5.6, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
cvssV4_0 {'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T08:51:51.400Z

Reserved: 2026-01-19T15:27:54.847Z

Link: CVE-2026-1203

Vulnrichment

Updated: 2026-01-20T21:10:32.028Z

NVD

Status : Analyzed

Published: 2026-01-20T01:15:56.977

Modified: 2026-01-29T21:14:38.420

Link: CVE-2026-1203

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T16:00:04Z

Weaknesses