CVE-2026-41879 PUBLISHED

Weak password hashing in R-SOFT DMS

Assigner: CERT-PL
Reserved: 22.04.2026 Published: 10.07.2026 Updated: 10.07.2026

R-SOFT DMS stores superadmin credentials using a non-salted nested MD5 hash. This allows an attacker who obtain password hash to decode superadmin credentials. Critically, this password cannot be changed except by modifying the configuration file.

This issue was fixed in version v3.17-2000.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CVSS Score: 8.2

Product Status

Vendor R-SOFT SERWIS
Product DMS
Versions Default: unaffected
  • affected from 0 to v3.17-2000 (excl.)

Credits

  • Marek Figielski (Vanilla.pl) finder

References

Problem Types

  • CWE-328 Use of Weak Hash CWE