CVE-2026-1202
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-20

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security flaw has been discovered in CRMEB up to 5.6.3. The affected element is the function appleLogin of the file crmeb/app/api/controller/v1/LoginController.php. Performing a manipulation of the argument openId results in improper authentication. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-20
Last Modified
2026-04-29
Generated
2026-05-27
AI Q&A
2026-01-20
EPSS Evaluated
2026-05-25
NVD
CVE-2026-1202
EUVD
EUVD-2026-3483
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
crmeb crmeb to 5.6.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-1202 is an improper authentication vulnerability in CRMEB versions up to 5.6.3, specifically in the appleLogin function of the LoginController.php file. The vulnerability occurs because the system does not verify the cryptographic signature of Apple's identity token and instead directly trusts the client-supplied openId parameter without authentication checks. This allows remote attackers to forge arbitrary openId values, enabling them to create fake user accounts or log in as any existing Apple user if the openId is known, effectively bypassing secure authentication. [1, 2]


How can this vulnerability impact me? :

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain unauthorized access to user accounts. Attackers can create unlimited fake user accounts or log in as any existing Apple user if they know the openId. This compromises the confidentiality, integrity, and availability of the system, potentially allowing attackers full account access with valid JWT tokens. The exploit is easy to carry out and publicly available, increasing the risk of attacks. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by identifying if your system is running CRMEB versions 5.6.0 through 5.6.3, specifically by checking for the presence of the vulnerable appleLogin function in the file crmeb/app/api/controller/v1/LoginController.php. Additionally, you can search for the vulnerable endpoint using Google dorking with queries such as 'inurl:crmeb/app/api/controller/v1/LoginController.php' to find exposed instances. Network detection could involve monitoring for suspicious requests manipulating the openId parameter to bypass authentication. Specific commands are not provided in the resources. [2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include replacing the affected CRMEB component with an alternative product, as no official patches or mitigations have been provided by the vendor. It is also advisable to restrict access to the vulnerable endpoint and monitor for exploitation attempts. Since the vendor did not respond to disclosure and no fixes are available, discontinuing use of the vulnerable versions is recommended. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart