CVE-2020-18648

8.8 HIGH

📋 TL;DR

This CSRF vulnerability in JuQingCMS v1.0 allows attackers to trick authenticated administrators into performing unauthorized actions, specifically creating new administrator accounts. It affects all installations of JuQingCMS v1.0 with the default configuration. Attackers can exploit this remotely to gain administrative privileges.

💻 Affected Systems

Products:
  • JuQingCMS
Versions: v1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations with the admin interface accessible and administrator accounts present.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the CMS installation with the attacker gaining administrative access, allowing content manipulation, data theft, or further system compromise.

🟠 Likely Case

Unauthorized administrator account creation leading to persistent backdoor access and potential website defacement or data exfiltration.

🟢 If Mitigated

No impact if proper CSRF protections are implemented or the vulnerability is patched.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires tricking an authenticated administrator into visiting a malicious page while logged in.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing CSRF protections manually.

🔧 Temporary Workarounds

Implement CSRF Tokens (platform: all)

Add CSRF token validation to the administrator add functionality in admin/index.php: edit admin/index.php to include CSRF token generation and validation.
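One way to implement the token check described above for the administrator add action, as an added example in PHP that is not JuQingCMS code; the function names, the hidden-field name and the session-cookie settings are assumptions:

```php
<?php
// Added example (not JuQingCMS code): synchronizer-token CSRF protection
// for the admin "add administrator" handler. Names are illustrative.

// Defence in depth: a SameSite session cookie already blocks most
// cross-site POSTs in modern browsers (array form needs PHP >= 7.3).
session_set_cookie_params(['samesite' => 'Lax', 'httponly' => true]);
session_start();

// Generate (or reuse) a per-session token and store it server-side.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Validate a submitted token in constant time; call before any state change.
function csrf_validate($submitted): bool {
    $expected = $_SESSION['csrf_token'] ?? '';
    return $expected !== '' && is_string($submitted)
        && hash_equals($expected, $submitted);
}

// Hidden field to embed in the "add administrator" form (assumed field name).
function csrf_field(): string {
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

// Gate for c=administrator&a=add: a forged cross-site request cannot read
// the session-bound token, so it is rejected before any account is created.
if (($_GET['c'] ?? '') === 'administrator' && ($_GET['a'] ?? '') === 'add') {
    if ($_SERVER['REQUEST_METHOD'] !== 'POST'
        || !csrf_validate($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('CSRF token missing or invalid');
    }
    // ... the existing administrator-creation logic runs only past this point.
    unset($_SESSION['csrf_token']); // rotate the token after a successful use
}
```

The form that renders the add-administrator page must emit csrf_field() inside the POST form, otherwise legitimate submissions are rejected along with forged ones.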

Restrict Admin Access (platform: all)

Limit access to the admin interface to trusted IP addresses only: add IP allow-listing to .htaccess or the web server configuration for the /admin/ directory.

🧯 If You Can't Patch

  • Implement web application firewall rules to detect and block CSRF attempts
  • Require re-authentication for sensitive administrative actions like adding new users

🔍 How to Verify

Check if Vulnerable:

Check if JuQingCMS version is 1.0 and if admin/index.php?c=administrator&a=add endpoint lacks CSRF protection

Check Version:

Check CMS version in configuration files or admin panel

Verify Fix Applied:

Test that CSRF tokens are required and validated when accessing the administrator add functionality

📡 Detection & Monitoring

Log Indicators:

  • Multiple administrator account creation attempts from different IPs
  • POST requests to admin/index.php?c=administrator&a=add with a missing or foreign Referer header

Network Indicators:

  • HTTP requests to the vulnerable endpoint with suspicious referrers or missing CSRF tokens

SIEM Query:

source="web_logs" AND uri="/admin/index.php" AND query="c=administrator&a=add" AND method="POST"
