CVE-2020-18418

8.8 HIGH

📋 TL;DR

This CSRF vulnerability in FeiFeiCMS v4.1.190209 allows attackers to trick authenticated administrators into unknowingly creating new administrator accounts. Attackers can exploit this by luring administrators to malicious websites while they are logged into the CMS. This affects all deployments of FeiFeiCMS v4.1.190209 whose administrator interface is reachable by the administrator's browser.

💻 Affected Systems

Products:
  • FeiFeiCMS
Versions: v4.1.190209
Operating Systems: all
Default Config Vulnerable: ⚠️ Yes
Notes: Requires administrator to be authenticated and visit malicious site while logged in.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the CMS instance with the attacker gaining administrative privileges, potentially leading to data theft, defacement, or further system compromise.

🟠 Likely Case

Unauthorized administrator account creation leading to persistent access for attackers, enabling content manipulation, data extraction, or installation of backdoors.

🟢 If Mitigated

No impact if proper CSRF protections are implemented or if administrators do not visit malicious sites while authenticated.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires social engineering to trick authenticated administrators into visiting malicious pages.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None known

Restart Required: No

Instructions:

1. Upgrade to a patched version if available.
2. If no patch exists, implement CSRF tokens on all administrative endpoints.
3. Review and modify the /index.php?s=Admin-Admin-Insert endpoint to require CSRF validation.

🔧 Temporary Workarounds

Implement CSRF Protection

Platform: all

Add CSRF tokens to all administrative forms and validate them on submission.

Modify the PHP files to include CSRF token generation and validation.

Restrict Admin Interface Access

Platform: all

Limit access to the admin interface to specific IP addresses or a VPN.

Add IP restrictions in .htaccess or the web server configuration.

🧯 If You Can't Patch

  • Set the SameSite attribute on the admin session cookie and require re-authentication for sensitive actions such as account creation
  • Use browser extensions that block CSRF attempts and educate administrators about phishing risks

🔍 How to Verify

Check if Vulnerable:

Check whether the FeiFeiCMS version is 4.1.190209 and whether the /index.php?s=Admin-Admin-Insert endpoint accepts account-creation requests without a CSRF token.

Check Version:

Check the CMS configuration files or the admin panel for version information.

Verify Fix Applied:

Test whether administrative account creation requests now require a valid CSRF token and are rejected without one.

📡 Detection & Monitoring

Log Indicators:

  • Multiple administrator account creation attempts from the same session
  • Admin-Admin-Insert requests whose Referer header is missing or points to an origin other than the admin interface

Network Indicators:

  • POST requests to /index.php?s=Admin-Admin-Insert from unexpected referrers

SIEM Query:

source="web_logs" AND uri="/index.php" AND query="s=Admin-Admin-Insert" AND NOT referrer="*admin*"
