CVE-2025-23046— GLPI vulnerable to unauthorized authentication by email using the OAuthIMAP plugin
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-23046
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GLPI vulnerable to unauthorized authentication by email using the OAuthIMAP plugin
Source: NVD (National Vulnerability Database)
Vulnerability Description
GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.18, if a "Mail servers" authentication provider is configured to use an Oauth connection provided by the OauthIMAP plugin, anyone can connect to GLPI using a user name on which an Oauth authorization has already been established. Version 10.0.18 contains a patch. As a workaround, one may disable any "Mail servers" authentication provider configured to use an Oauth connection provided by the OauthIMAP plugin.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
认证算法的不正确实现
Source: NVD (National Vulnerability Database)
Vulnerability Title
GLPI 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
GLPI是GLPI开源的一款开源IT和资产管理软件。该软件提供功能全面的IT资源管理接口,你可以用它来建立数据库全面管理IT的电脑,显示器,服务器,打印机,网络设备,电话,甚至硒鼓和墨盒等。 GLPI 9.5.0至10.0.18之前版本存在安全漏洞,该漏洞源于使用OauthIMAP插件的邮件服务器认证提供商,可能允许任何人连接GLPI。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| glpi-project | glpi | >= 9.5.0, < 10.0.18 | - |
II. Public POCs for CVE-2025-23046
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-23046
请登录查看更多情报信息。
- Release 10.0.18 · glpi-project/glpi · GitHubx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2025-23046
Same Patch Batch · glpi-project · 2025-02-25 · 5 CVEs total
| CVE-2025-25192 | 6.5 MEDIUM | GLPI allows unauthorized access to debug mode |
| CVE-2025-21627 | 6.5 MEDIUM | GLPI Cross-site Scripting vulnerability |
| CVE-2025-21626 | 5.8 MEDIUM | GLPI vulnerable to exposure of sensitive information in the `status.php` endpoint |
| CVE-2025-23024 | GLPI: Plugins are disabled accessing one page |
IV. Related Vulnerabilities
Same product: glpi
- CVE-2026-29047
GLPI has an Authenticated SQL Injection via log exports - CVE-2026-26263
GLPI has an Unauthenticated SQL Injection via Search engine - CVE-2026-26027
GLPI has an Unauthenticated Stored XSS via inventory - CVE-2026-26026
GLPI has a Server-Side Template Injection via Double-Compila - CVE-2026-25932
GLPI has Stored XSS in Supplier 'Website' field
Same vendor: glpi-project
- CVE-2026-29047
GLPI has an Authenticated SQL Injection via log exports - CVE-2026-26263
GLPI has an Unauthenticated SQL Injection via Search engine - CVE-2026-26027
GLPI has an Unauthenticated Stored XSS via inventory - CVE-2026-26026
GLPI has a Server-Side Template Injection via Double-Compila - CVE-2026-25932
GLPI has Stored XSS in Supplier 'Website' field
Same weakness: CWE-303
- CVE-2026-33190
CoreDNS TSIG authentication bypass on encrypted DNS transpor - CVE-2026-27656
Account Takeover via Substring Matching in OpenID Connect Au - CVE-2026-32953
Tillitis: TKey Client has an Error in Protocol Implementatio - CVE-2026-29515
MiCode FileExplorer SwiFTP Server Authentication Bypass - CVE-2019-25436
Sricam DeviceViewer 3.12.0.1 Password Change Security Bypass
V. Comments for CVE-2025-23046
No comments yet