CVE-2025-15586
Type Juggling Authentication Bypass in OGP-Website Pre-52f865a
Publication date: 2026-02-19
Last updated on: 2026-02-19
Assigner: ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| opengamepanel | ogp-website | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2025-15586 is a critical authentication bypass vulnerability in the OpenGamePanel (OGP) Website caused by a coding error in the password verification logic. Specifically, the vulnerability arises from a type juggling flaw in PHP where the code uses a loose comparison operator (==) instead of a strict comparison (===) when comparing MD5 hashes of passwords.'}, {'type': 'paragraph', 'content': 'This flaw allows an attacker to bypass authentication without knowing the victim\'s actual password by exploiting so-called "magic hashes"βMD5 hashes that start with "0e" followed by digits, which PHP interprets as zero in loose comparisons. As a result, an attacker can log in as a user if that user\'s password hash matches such a pattern by supplying a different password that also hashes to a similar "0e..." value.'}, {'type': 'paragraph', 'content': 'The root cause was a typographical error where a single equals sign (=) was used instead of a double equals sign (==) in the conditional statements checking password hashes, causing assignment instead of comparison and thus allowing unauthorized access.'}] [2, 3]
How can this vulnerability impact me? :
This vulnerability can allow an attacker to bypass authentication controls and gain unauthorized access to user accounts without knowing their passwords.
Once authenticated, an attacker could potentially perform actions as the compromised user, including administrative actions if the account has elevated privileges.
Additionally, related authenticated Local File Inclusion (LFI) vulnerabilities can lead to remote code execution (RCE) or disclosure of sensitive files, further escalating the impact.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'The vulnerability in CVE-2025-15586 is caused by a coding error in the OpenGamePanel authentication mechanism where a single equals sign (=) is used instead of a double equals sign (==) in password hash comparisons. Detection involves verifying if the affected files contain this incorrect operator.'}, {'type': 'paragraph', 'content': 'To detect this vulnerability on your system, you can check the source code of the OGP-Website installation, specifically the files `index.php` and `ogp_api.php`, for the presence of the assignment operator (=) in the password verification conditional statements.'}, {'type': 'list_item', 'content': 'Use grep or similar command to search for the vulnerable pattern in the codebase, for example:'}, {'type': 'list_item', 'content': 'grep -rn "md5($_POST[\'upassword\']) =" /path/to/OGP-Website/index.php'}, {'type': 'list_item', 'content': 'grep -rn "md5($password) =" /path/to/OGP-Website/ogp_api.php'}, {'type': 'paragraph', 'content': 'If these commands return matches, it indicates the vulnerable code is present and the system is affected.'}] [2]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'The immediate mitigation for CVE-2025-15586 is to apply the fix that corrects the assignment operator (=) to a proper equality comparison operator (==) in the password verification logic within the affected files.'}, {'type': 'paragraph', 'content': 'Specifically, update the code in `index.php` and `ogp_api.php` to replace lines like:'}, {'type': 'list_item', 'content': "if (isset($userInfo['users_passwd']) && md5($_POST['upassword']) = $userInfo['users_passwd'])"}, {'type': 'list_item', 'content': 'with:'}, {'type': 'list_item', 'content': "if (isset($userInfo['users_passwd']) && md5($_POST['upassword']) == $userInfo['users_passwd'])"}, {'type': 'paragraph', 'content': 'Alternatively, update your OGP-Website installation to the latest version that includes the fix committed under SHA `52f865a`.'}, {'type': 'paragraph', 'content': 'Since this vulnerability allows authentication bypass, it is critical to apply this fix immediately to prevent unauthorized access.'}] [2]