CVE-2021-4241

Published: Nov 15, 2022Modified: Jun 17, 2026

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

A vulnerability, which was classified as problematic, was found in phpservermon. Affected is the function setUserLoggedIn of the file src/psm/Service/User.php. The manipulation leads to use of predictable algorithm in random number generator. The exploit has been disclosed to the public and may be used. The name of the patch is bb10a5f3c68527c58073258cb12446782d223bc3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213744.

Affected (1)

Products: Phpservermonitor: Php Server Monitor

Phpservermonitor

1 product

Php Server Monitor

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Phpservermonitor Php Server Monitor	All versions

Related CWEs

Use of Insufficiently Random Values

The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

Insufficient Entropy

The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.

References (6)

https://github.com/phpservermon/phpservermon/commit/bb10a5f3c68527c58073258cb12446782d223bc3

Source: cna@vuldb.com

PatchThird Party Advisory

https://huntr.dev/bounties/1-phpservermon/phpservermon/

Source: cna@vuldb.com

ExploitPatchThird Party Advisory

https://vuldb.com/?id.213744

Source: cna@vuldb.com

Third Party Advisory

https://github.com/phpservermon/phpservermon/commit/bb10a5f3c68527c58073258cb12446782d223bc3

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://huntr.dev/bounties/1-phpservermon/phpservermon/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchThird Party Advisory

https://vuldb.com/?id.213744

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.