CVE-2020-5745

7.4 HIGH

📋 TL;DR

CVE-2020-5745 is a cross-site request forgery (CSRF) vulnerability in TCExam that allows attackers to trick authenticated users into performing unintended actions by clicking malicious links. This affects TCExam administrators and users with application privileges. Attackers can exploit this without directly compromising credentials.

💻 Affected Systems

Products:
  • TCExam
Versions: 14.2.2 and earlier
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All TCExam installations running vulnerable versions are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could create/delete users, modify exam content, change system settings, or perform administrative actions leading to complete application compromise.

🟠 Likely Case

Attackers would typically modify user accounts, alter exam questions, or change configuration settings to disrupt operations or gain unauthorized access.

🟢 If Mitigated

With proper CSRF protections and user awareness, impact is limited to failed exploitation attempts with no data compromise.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires social engineering to trick authenticated users into clicking malicious links.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 14.3.0 and later

Vendor Advisory: https://tcexam.org/news/

Restart Required: No

Instructions:

1. Back up the current TCExam installation.
2. Download TCExam 14.3.0 or later from the official site.
3. Replace the vulnerable files with the patched version.
4. Verify that CSRF tokens are properly implemented.

🔧 Temporary Workarounds

Implement CSRF Protection

Applies to: all

Add CSRF tokens to all state-changing forms and validate them server-side.

Manual code modification required - add anti-CSRF tokens to forms

SameSite Cookie Attribute

Applies to: all

Set SameSite=Strict or Lax attributes on session cookies to prevent CSRF attacks.

Set-Cookie: session=value; SameSite=Strict; Secure; HttpOnly
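The two workarounds above combined in one minimal PHP helper, added here as an illustration and not taken from TCExam's code: the session cookie is issued with the SameSite/Secure/HttpOnly flags shown, and every state-changing POST must carry a per-session token that is checked server-side in constant time. The function names and the `csrf_token` field/session key are assumptions of this example.

```php
<?php
// Added example (not TCExam code): anti-CSRF token plus SameSite session cookie.
declare(strict_types=1);

// Issue the session cookie with the attributes from the Set-Cookie line above.
// Must be called before session_start().
session_set_cookie_params([
    'lifetime' => 0,
    'path'     => '/',
    'secure'   => true,
    'httponly' => true,
    'samesite' => 'Strict',
]);
session_start();

// Return the session's CSRF token, creating a random 256-bit one on first use.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Hidden input to embed in every state-changing form.
function csrf_field(): string {
    $token = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}

// Server-side check: submitted token must equal the session token (constant-time compare).
function csrf_valid(array $post, array $session): bool {
    $submitted = $post['csrf_token'] ?? '';
    $expected  = $session['csrf_token'] ?? '';
    return is_string($submitted) && $expected !== '' && hash_equals($expected, $submitted);
}

// Guard for a state-changing handler (e.g. user or exam management). A failed check
// is logged, which feeds the "requests missing CSRF tokens" indicator below.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_valid($_POST, $_SESSION)) {
        http_response_code(403);
        error_log('CSRF check failed from ' . ($_SERVER['REMOTE_ADDR'] ?? 'unknown'));
        exit('Invalid or missing CSRF token');
    }
    // ... perform the state change only after the token has been validated ...
}
```

SameSite=Lax still allows the cookie on top-level cross-site GET navigations, so state changes must be accepted over POST only and the token check must stay in place even with the cookie attribute set.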

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to detect and block CSRF attempts
  • Educate users about phishing risks and implement strict access controls

🔍 How to Verify

Check if Vulnerable:

Check TCExam version in admin panel or examine source code for missing CSRF tokens in forms.

Check Version:

Check admin panel or examine /shared/config/tce_config.php for version information

Verify Fix Applied:

Verify version is 14.3.0+ and test forms contain CSRF tokens that are validated server-side.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed state-changing requests from same IP
  • Requests missing CSRF tokens
  • Unusual administrative actions from non-admin users

Network Indicators:

  • HTTP POST requests without Referer headers
  • Requests with mismatched Origin headers

SIEM Query:

source="tcexam.log" AND (action="admin_" OR action="user_") AND status="200" AND NOT csrf_token=*
