CVE-2023-5318

7.5 HIGH

📋 TL;DR

CVE-2023-5318 involves hard-coded credentials in Microweber CMS versions before 2.0, allowing attackers to gain unauthorized access to affected systems. This affects all users running vulnerable Microweber installations, potentially compromising website administration and data.

💻 Affected Systems

Products:
  • Microweber CMS
Versions: All versions prior to 2.0
Operating Systems: All platforms running Microweber
Default Config Vulnerable: ⚠️ Yes
Notes: All installations using default or unpatched code are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise allowing attackers to take over the CMS, deface websites, steal sensitive data, or deploy malware.

🟠 Likely Case

Unauthorized administrative access leading to content manipulation, plugin installation, or data exfiltration.

🟢 If Mitigated

Limited impact if proper network segmentation and access controls prevent external exploitation.

🌐 Internet-Facing: HIGH - Internet-facing Microweber installations are directly vulnerable to credential-based attacks.
🏢 Internal Only: MEDIUM - Internal systems could be compromised through lateral movement if credentials are discovered.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only knowledge of hard-coded credentials, making attacks trivial once credentials are discovered.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.0 and later

Vendor Advisory: https://github.com/microweber/microweber/commit/c48b34dfd6cae7a55b452280d692dc62512574b0

Restart Required: No

Instructions:

1. Update to Microweber 2.0 or later.
2. Replace any hard-coded credentials with secure, unique credentials.
3. Review and rotate all administrative credentials.

🔧 Temporary Workarounds

Manual credential removal

Platform: all

Manually locate and remove hard-coded credentials from the source code:

grep -r 'hardcoded_password' /path/to/microweber/

Review and edit the files that contain hard-coded credentials.

🧯 If You Can't Patch

  • Implement strict network access controls to limit exposure to trusted IPs only
  • Enable multi-factor authentication and regularly rotate all administrative credentials

🔍 How to Verify

Check if Vulnerable:

Check Microweber version via admin panel or by examining source files for version indicators

Check Version:

Check admin dashboard or examine composer.json for version information

Verify Fix Applied:

Confirm installation is version 2.0+ and search codebase for known hard-coded credential patterns

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts followed by successful login with unusual patterns
  • Administrative actions from unexpected IP addresses

Network Indicators:

  • Unusual administrative traffic patterns
  • Authentication requests using known hard-coded credentials

SIEM Query:

source="web_logs" AND ((login_success="true" AND user_agent="*suspicious*") OR (login_attempts>5 AND success_rate>80%))
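
The two log indicators above, as an added example that is not part of the original advisory or of Microweber's code: a Python pass over login events that flags a success following a burst of failures and any success from outside a trusted network. The log line format, the sample lines, and the trusted range 10.0.0.0/8 are constructed assumptions.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines (assumed format): timestamp, source IP, outcome, account
SAMPLE_LOG = """\
2023-10-02T09:00:01 198.51.100.23 FAIL admin
2023-10-02T09:00:03 198.51.100.23 FAIL admin
2023-10-02T09:00:05 198.51.100.23 FAIL admin
2023-10-02T09:00:07 198.51.100.23 FAIL admin
2023-10-02T09:00:09 198.51.100.23 FAIL admin
2023-10-02T09:00:11 198.51.100.23 OK admin
2023-10-02T09:30:00 10.0.5.12 OK admin
2023-10-02T10:15:42 203.0.113.77 OK admin
"""

def find_suspicious_logins(log_text, trusted_nets, fail_threshold=5, window_minutes=10):
    """Return (timestamp, ip, user, reason) tuples; expects time-ordered lines."""
    trusted = [ipaddress.ip_network(n) for n in trusted_nets]
    window = timedelta(minutes=window_minutes)
    recent_fails = defaultdict(list)  # source IP -> timestamps of failed logins
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        ts_raw, ip_raw, outcome, user = parts
        try:
            ts = datetime.fromisoformat(ts_raw)
            ip = ipaddress.ip_address(ip_raw)
        except ValueError:
            continue  # unparseable timestamp or address
        if outcome == "FAIL":
            recent_fails[ip_raw].append(ts)
            continue
        if outcome != "OK":
            continue
        # Indicator 1: several failures from this source, then a success
        fails = [t for t in recent_fails[ip_raw] if ts - t <= window]
        recent_fails[ip_raw] = []
        if len(fails) >= fail_threshold:
            findings.append((ts_raw, ip_raw, user, "failures_then_success"))
        # Indicator 2: successful login from an unexpected address
        if not any(ip in net for net in trusted):
            findings.append((ts_raw, ip_raw, user, "untrusted_source"))
    return findings
```

A login made with an already-known credential can succeed on the first attempt, so the failure-count rule alone does not see it; in the sample, only the untrusted-source rule fires for the 203.0.113.77 line.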
