Authentication bypass using an alternate path or channel in eLabFTW - CVE-2021-43833


Published: December 15, 2021 / Updated: April 24, 2026

Vulnerability identifier: #VU127366
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2021-43833
CWE-ID: CWE-288
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: eLabFTW
Software vendor: elabftw

Description

The vulnerability allows a remote user to gain access to arbitrary accounts.

The vulnerability exists because the email address handling logic accepts a specially crafted email address, which opens an alternate path or channel (CWE-288) around authentication. A remote user who can set such an email address on their own account can gain access to arbitrary accounts.

The issue affects instances that have not set an explicit email domain name allowlist. The default configuration requires administrator validation of newly created accounts, and exploitation requires control of an existing account.

Remediation

Install the security update from the vendor's website.

External links