PT-2026-53853 · Unknown · Redeight Cms
Jacek Czepil
·
Published
2026-06-30
·
Updated
2026-06-30
·
CVE-2026-53692
CVSS v4.0
5.9
Medium
| Vector | AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Redeight CMS version 1.0
Description
The software uses the MD5 algorithm without a salt to store user passwords. Since MD5 is a cryptographically broken algorithm and lacks salting, attackers who obtain the password hashes can reverse them using rainbow tables, which are precomputed tables used to reverse cryptographic hash functions, leading to the exposure of plaintext credentials.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Redeight Cms