CVE-2021-42949

Published: 16/09/2022 Updated: 08/08/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

The controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing malicious users to bypass authentication via brute-force attacks.

Vulnerability Trend

Vulnerable Product

digitaldruid hoteldruid 3.0.3

Github Repositories

CVE-2021-42949: The controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via brute-force attacks. The session id is dynamically created at each login using the following generalized syntax: {date}{time}{100000-999999}{incremented login attempts}. These values can be gu

TryHackMe HotelKiosk Official Writeup: I created the HotelKiosk box on TryHackMe to highlight my first two CVEs (CVE-2021-42949 and CVE-2021-42948), found through inspiration from TheMayor's blog post "I Was Bored One Night and Found Two CVEs". I also drew inspiration from John Hammond's Kiosk Breakout YouTube series, where he covers the setup and escape of Windows native