CVE-2022-1252

8.2 HIGH

📋 TL;DR

GnuBoard5 uses weak cryptographic algorithms, which allows attackers to decrypt sensitive user information. Attackers can derive the email address of any user and send emails with controlled content, even when privacy settings are enabled. All GnuBoard5 installations up to and including version 5.5.5 are affected.

💻 Affected Systems

Products:
  • GnuBoard5
Versions: All versions up to and including 5.5.5
Operating Systems: Any OS running GnuBoard5
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations regardless of configuration. The vulnerability exists in the core cryptographic implementation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Mass email harvesting of all user email addresses leading to targeted phishing campaigns, spam distribution, and potential credential theft through malicious emails.

🟠 Likely Case

Targeted email address harvesting of specific users for spam or phishing attacks, with potential for email spoofing and social engineering.

🟢 If Mitigated

Limited to email address exposure without access to passwords or other sensitive data, but still enabling unwanted email communications.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept exists demonstrating email address decryption. Exploitation requires minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.5.6 or later

Vendor Advisory: https://github.com/gnuboard/gnuboard5

Restart Required: No

Instructions:

1. Back up your GnuBoard5 installation and database.
2. Download the latest version from the official GitHub repository.
3. Replace all files with the updated version.
4. Verify the update by checking the version in the admin panel.

🔧 Temporary Workarounds

Disable user email display

all

Temporarily disable all email address display functionality in user profiles and public interfaces

Modify GnuBoard5 configuration to hide email addresses from all public views

🧯 If You Can't Patch

  • Implement network-level email filtering to detect and block suspicious email patterns
  • Enable enhanced logging for email-related functions and monitor for unusual email sending patterns

🔍 How to Verify

Check if Vulnerable:

Check GnuBoard5 version in admin panel or by examining the source code for weak cryptographic functions

Check Version:

Check admin panel or examine /common.php for version information

Verify Fix Applied:

Verify version is 5.5.6 or later and test email encryption functions with known test vectors

📡 Detection & Monitoring

Log Indicators:

  • Unusual patterns of email-related API calls
  • Multiple failed decryption attempts
  • Unexpected email sending activities

Network Indicators:

  • Unusual outbound email traffic patterns
  • Multiple requests to user profile endpoints

SIEM Query:

source="gnuboard" AND (event="email_decrypt" OR event="user_email_access")
