Vulnerability in R-soft Serwis Dms
CVE-2026-41879
R-SOFT DMS stores superadmin credentials using a non-salted nested MD5 hash. This allows an attacker who obtain password hash to decode superadmin credentials. Critically, this password cannot be changed except by modifying the configurati…
Affected products
- R-soft Serwis Dms — versions 0
Weakness classification (CWE)
References
- cvd@cert.pl (third-party-advisory)