phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the X-Forwarded-For header. The issue lies in the get_user_ip() function in class.Common.php at lines 1044 and 1045, where the presence of the X-Forwarded-For header is checked and used instead of REMOTE_ADDR. This vulnerability allows attackers to perform brute force attacks on user accounts, including the admin account. The issue is fixed in version 1.7.0.
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Phpipam | Phpipam | * | 1.7.0 (excluding) |
Common protection mechanisms include:
Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
Consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator. [REF-45]