[KIS-2026-10] Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability

Full Disclosure mailing list archives


From: Egidio Romano <n0b0d13s () gmail com>
Date: Mon, 15 Jun 2026 20:43:10 +0200

------------------------------------------------------
Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability
------------------------------------------------------


[-] Software Link:

https://www.discuz.vip


[-] Affected Versions:

Version X5.0, releases 20260320 through 20260610.
Older X3.4 and X3.5 releases may be affected too.


[-] Vulnerability Description:

A security weakness in the CAPTCHA implementation of Discuz! allows
automated solving of CAPTCHA challenges through Optical Character
Recognition (OCR) techniques.

Due to the limited complexity and predictability of the generated CAPTCHA
images, an attacker can train a custom OCR model to reliably recognize the
challenge text, effectively bypassing a security control intended to
prevent automated abuse.

This issue may facilitate automated registration, login, credential
stuffing, and exploitation workflows that rely on CAPTCHA-protected
functionality.


[-] Proof of Concept:

https://karmainsecurity.com/pocs/discuz_captcha_bypass.zip


[-] Solution:

No official solution is currently available.


[-] Disclosure Timeline:

[27/04/2026] - Vendor contacted through private messages on gitee.com, no
response
[27/04/2026] - Vendor contacted via e-mail at admin () discuz vip and
security () tencent com, no response
[07/05/2026] - Opened issue IJLFUW on https://gitee.com/Discuz/DiscuzX
[09/05/2026] - Vulnerability details shared within issue IJLFUW
[09/05/2026] - Vendor replied "OCR-based CAPTCHA bypass is a well-known
issue"
[09/06/2026] - CVE identifier requested
[09/06/2026] - CVE identifier assigned
[13/06/2026] - Public disclosure at hackmeeting 0x1D
[15/06/2026] - Publication of this advisory


[-] CVE Reference:

CVE-2026-49953 has been assigned to this vulnerability.


[-] Credits:

Vulnerability discovered by Egidio Romano.


[-] Original Advisory:

https://karmainsecurity.com/KIS-2026-10


[-] Technical write-up:

https://karmainsecurity.com/chaining-bugs-in-discuz-from-race-condition-to-rce
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/


Article source: https://seclists.org/fulldisclosure/2026/Jun/4