CVE-2022-29547

7.5 HIGH

📋 TL;DR

The CreateRedirect extension for MediaWiki before 2022-04-14 does not properly check user permissions before creating a redirect. Users who are blocked, or who otherwise lack the right to edit, can use the extension to create or overwrite pages as redirects. Any MediaWiki installation that loads a CreateRedirect build older than the fix is affected.

💻 Affected Systems

Products:
  • MediaWiki CreateRedirect extension
Versions: all revisions before 2022-04-14 (the fix is identified by commit date, not by a release number)
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes (loading the extension is enough; no further configuration is needed to expose its redirect-creation page)
Notes: Only affects MediaWiki installations with the CreateRedirect extension enabled in LocalSettings.php.

📦 What is this software?

CreateRedirect is a MediaWiki extension that adds a special page, Special:CreateRedirect, and a toolbox link so that users can create a redirect from one title to another through a form instead of editing wikitext by hand. Because it writes pages on the user's behalf, it must apply the same edit and block checks as the normal editor, which is what the vulnerable revisions failed to do.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Users who should be unable to edit (blocked accounts, or accounts without edit rights) overwrite critical pages with redirects, effectively blanking or defacing them, or point legitimate titles at attacker-chosen pages so that readers land on misleading or malicious content.

🟠 Likely Case

Blocked or low-privilege users bypass their edit restriction by creating redirects, disrupting wiki operations, spreading misinformation, or evading a block.

🟢 If Mitigated

With tight account controls and edit monitoring in place, impact is limited to isolated unauthorized redirects that show up in Special:RecentChanges and are reverted quickly.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: No
Complexity: LOW

Exploitation needs access to the extension's redirect-creation interface as a wiki user, so it is not unauthenticated, but no elevated rights are required: because the permission check is missing, a blocked account or one without edit rights can create redirects simply by using the extension as intended.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: CreateRedirect revision dated 2022-04-14 or later (the fix is identified by commit date, not by a release number)

Vendor Advisory: https://phabricator.wikimedia.org/T306174

Restart Required: No

Instructions:

1. Obtain the CreateRedirect extension at a revision dated 2022-04-14 or later from the official Wikimedia repository (a git checkout of the branch matching your MediaWiki release, or the ExtensionDistributor download for that branch).
2. Replace the contents of extensions/CreateRedirect with the updated files; the wfLoadExtension( 'CreateRedirect' ); line in LocalSettings.php stays as it is.
3. No server restart is required, because MediaWiki loads extension code per request. The one exception is PHP OPcache configured with opcache.validate_timestamps=0, where the old code stays cached until the cache is reset or PHP-FPM is reloaded.
4. Confirm on Special:Version that the CreateRedirect commit date shown is on or after 2022-04-14.

🔧 Temporary Workarounds

Disable the CreateRedirect extension

Applies to: all platforms

Temporarily disable the vulnerable extension until it can be updated. Remove or comment out the line wfLoadExtension( 'CreateRedirect' ); in LocalSettings.php. The special page and its toolbox link disappear on the next request; existing redirects keep working because they are ordinary wiki pages.

Restrict user permissions

Applies to: all platforms

Tighten who can act on the wiki at all: withdraw edit and createpage rights from anonymous and newly registered users in $wgGroupPermissions, set $wgBlockDisablesLogin = true; so that blocked accounts cannot log in and reach the extension, and remove untrusted accounts. This shrinks the pool of users who can reach the extension; it does not restore the missing permission check, so treat it as damage limitation rather than a fix.

🧯 If You Can't Patch

  • Watch Special:RecentChanges for page creations and for edits that turn pages into redirects, and compare the authors against Special:Log/block
  • Increase logging and alerting on requests to Special:CreateRedirect, and review any redirect created by a low-privilege or blocked account

🔍 How to Verify

Check if Vulnerable:

The install is affected when LocalSettings.php loads CreateRedirect (an uncommented wfLoadExtension( 'CreateRedirect' ); line) and the extension code predates 2022-04-14.

Check Version:

Open Special:Version on the wiki: for extensions installed from git it lists the CreateRedirect commit hash and commit date. On the server, git -C extensions/CreateRedirect log -1 shows the same date. extension.json carries a version string, but the advisory identifies the fix by date, so compare the commit date rather than the version string.

Verify Fix Applied:

After updating, Special:Version (or git log) must show a CreateRedirect commit dated 2022-04-14 or later, and a test with a blocked account or one without edit rights must no longer be able to create a redirect through the extension.
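The checks above can be scripted. The following is an added example, not the advisory's or the extension's own tooling: a POSIX shell script that reports whether LocalSettings.php loads CreateRedirect and, for a git checkout, whether the HEAD commit predates the 2022-04-14 fix. It assumes the MediaWiki root is passed as the first argument, that the extension lives in extensions/CreateRedirect, and that the file is saved as check_createredirect.sh.

```shell
#!/bin/sh
# Added example, not part of the advisory or the extension: report whether a
# MediaWiki install loads CreateRedirect and whether the checkout predates the
# 2022-04-14 fix. Assumes the extension lives in extensions/CreateRedirect under
# the MediaWiki root given as $1 and was installed from git, so its HEAD commit
# date matches what Special:Version shows.

FIX_DATE=2022-04-14

# True when LocalSettings.php ($1) loads the extension on a line that is not
# commented out with '#' or '//' (both comment styles are common there).
createredirect_enabled() {
    grep -E "wfLoadExtension\( *['\"]CreateRedirect['\"] *\)|require_once.*CreateRedirect" "$1" 2>/dev/null \
        | grep -Ev '^[[:space:]]*(#|//)' \
        | grep -q .
}

# Classify a commit date (ISO, e.g. "2022-04-13 10:00:00 +0000") against the
# fix date. Prints "vulnerable" or "patched"; returns 1 for vulnerable so
# callers can branch on the status.
classify_commit_date() {
    d=$(printf '%s' "$1" | cut -c1-10 | sed 's/-//g')
    f=$(printf '%s' "$FIX_DATE" | sed 's/-//g')
    if [ "$d" -lt "$f" ]; then
        echo vulnerable
        return 1
    fi
    echo patched
}

main() {
    root=${1:-.}
    settings=$root/LocalSettings.php
    ext=$root/extensions/CreateRedirect
    if ! createredirect_enabled "$settings"; then
        echo "CreateRedirect is not loaded in $settings: not affected"
        return 0
    fi
    if [ ! -d "$ext/.git" ]; then
        echo "$ext is not a git checkout; compare its date with Special:Version manually"
        return 2
    fi
    # %ci is the committer date, which for a backport is the date the fix
    # landed on that release branch.
    commit_date=$(git -C "$ext" log -1 --format=%ci)
    printf 'CreateRedirect HEAD committed %s: ' "$commit_date"
    classify_commit_date "$commit_date"
}

# Run only when executed as a script, so the functions can also be sourced.
case "$0" in *check_createredirect*) main "$@" ;; esac
```

Run it as ./check_createredirect.sh /var/www/mediawiki; exit status 0 means not affected or patched, 1 means vulnerable, 2 means the extension was not installed from git and must be dated by hand (ExtensionDistributor tarballs have no .git directory).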

📡 Detection & Monitoring

Log Indicators:

  • Page creations, or edits that turn a page into a redirect, made by accounts that were blocked at the time (compare Special:RecentChanges or the revision table with Special:Log/block)
  • Redirect creations by accounts without edit rights on the affected page, especially on protected pages

Network Indicators:

  • Web server requests to Special:CreateRedirect from sessions of blocked or low-privilege accounts, or bursts of such requests from a single client

SIEM Query:

Join edit events (a revision or recentchanges export) with block and protection data: flag revisions whose author had an active block at rev_timestamp, or whose page carries an edit restriction that the author's groups do not satisfy.
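As an added example (not from the advisory or the extension), here is a shell script that turns the query idea above into something runnable against the wiki database: it lists revisions of redirect pages whose author had an active block at the time, which is exactly what the vulnerable extension permitted. The SQL assumes the MediaWiki 1.35 to 1.41 schema (revision.rev_actor, actor and ipblocks; 1.42 renamed ipblocks to block) and runs through MediaWiki's own maintenance/sql.php so no separate database credentials are needed; the default start date and the file name hunt_blocked_redirects.sh are assumptions.

```shell
#!/bin/sh
# Added example, not part of the advisory or the extension: hunt a MediaWiki
# database for redirect pages edited by accounts that were blocked at the time,
# the behaviour CVE-2022-29547 allowed. Assumes the MediaWiki 1.35-1.41 schema
# (revision.rev_actor, actor, ipblocks; 1.42 renamed ipblocks to block).

# Convert YYYY-MM-DD to MediaWiki's 14-digit timestamp (YYYYMMDDHHMMSS).
mw_ts() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "mw_ts: expected YYYY-MM-DD, got '$1'" >&2; return 1 ;;
    esac
    printf '%s000000\n' "$(printf '%s' "$1" | sed 's/-//g')"
}

# Print the hunt query for revisions at or after $1 (a 14-digit MW timestamp).
# A row means: a revision of a page that is currently a redirect, made by a
# registered user while an ipblocks row for that user was in force.
blocked_redirect_sql() {
    since=$1
    case "$since" in
        [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;;
        *) echo "blocked_redirect_sql: expected 14-digit timestamp, got '$since'" >&2; return 1 ;;
    esac
    cat <<EOF
SELECT r.rev_id, r.rev_timestamp, a.actor_name,
       p.page_namespace, p.page_title, b.ipb_timestamp, b.ipb_expiry
FROM revision r
JOIN page p     ON p.page_id = r.rev_page
JOIN actor a    ON a.actor_id = r.rev_actor
JOIN ipblocks b ON b.ipb_user = a.actor_user
WHERE p.page_is_redirect = 1
  AND r.rev_timestamp >= '$since'
  AND b.ipb_timestamp <= r.rev_timestamp
  AND (b.ipb_expiry = 'infinity' OR b.ipb_expiry >= r.rev_timestamp)
ORDER BY r.rev_timestamp;
EOF
}

# Run the query with the wiki's own DB credentials via maintenance/sql.php.
# $1 = MediaWiki root, $2 = start date as YYYY-MM-DD.
run_hunt() {
    root=$1
    since_ts=$(mw_ts "$2") || return 1
    php "$root/maintenance/sql.php" --query="$(blocked_redirect_sql "$since_ts")"
}

# Run only when executed as a script, so the functions can also be sourced.
# The default start date is an assumption; use the date CreateRedirect was installed.
case "$0" in *hunt_blocked_redirects*) run_hunt "${1:-.}" "${2:-2022-01-01}" ;; esac
```

Two caveats when reading the results: page_is_redirect reflects the current state of the page, so a redirect that was later reverted does not match, and dropping that condition lists every revision made while blocked, which is worth reviewing anyway. Expired blocks are purged from ipblocks, so for older incidents reconstruct the block intervals from the block log (Special:Log/block) instead; IP-only blocks never match because actor_user is NULL for anonymous editors.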
