CVE-2023-45906

8.8 HIGH

📋 TL;DR

Dreamer CMS v4.1.3 contains a CSRF vulnerability in the user addition function at /admin/user/add. This allows attackers to trick authenticated administrators into unknowingly creating new user accounts with arbitrary privileges. Any Dreamer CMS installation using the vulnerable version is affected.

💻 Affected Systems

Products:
  • Dreamer CMS
Versions: v4.1.3
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations with the admin interface accessible and user addition functionality enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers create administrative accounts, gaining full control over the CMS to modify content, install backdoors, or pivot to other systems.

🟠 Likely Case

Attackers create regular user accounts to access sensitive content, post malicious content, or maintain persistence for future attacks.

🟢 If Mitigated

With proper CSRF protections, attackers cannot force user creation, limiting impact to other vulnerabilities requiring authentication.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires tricking an authenticated admin to visit a malicious page while logged in.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing CSRF protections manually.

🔧 Temporary Workarounds

Implement CSRF Tokens (all platforms)

Add CSRF token validation to the /admin/user/add endpoint.

Modify the Dreamer CMS source code to include and validate CSRF tokens in user addition forms.

Restrict Admin Access (all platforms)

Limit admin interface access to trusted IP addresses only.

Configure the web server (e.g., Apache .htaccess or Nginx location blocks) to restrict /admin paths.
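The "Implement CSRF Tokens" workaround above is the synchronizer-token pattern: the server issues a random per-session token, embeds it in the add-user form, and rejects any POST to /admin/user/add that does not echo it back, with an Origin/Referer check as a second layer. The following is an added example written for this page, not Dreamer CMS code; the `Session`/`Request` model, the `TRUSTED_ORIGIN` value and the `add_user` handler are constructed to illustrate the check.

```python
"""
Synchronizer-token CSRF protection for an admin "add user" endpoint.
Added example for the CVE-2023-45906 write-up; this is NOT Dreamer CMS code.
The request/session model below is constructed for illustration only.
"""
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional, Tuple
from urllib.parse import urlsplit

PROTECTED_PATH = "/admin/user/add"           # endpoint named in the advisory
TRUSTED_ORIGIN = "https://cms.example.test"  # assumed deployment origin


@dataclass
class Session:
    user: str
    is_admin: bool
    # one unpredictable token per session; never derived from the user name
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    method: str
    path: str
    headers: dict
    form: dict
    session: Optional[Session]


def render_add_user_form(session: Session) -> str:
    """Embed the per-session token as a hidden field the browser posts back."""
    return (f'<form method="POST" action="{PROTECTED_PATH}">'
            f'<input type="hidden" name="_csrf" value="{session.csrf_token}">'
            '<input name="username"><input name="role"><button>Add</button></form>')


def same_origin(req: Request) -> bool:
    """Origin/Referer check as an independent second layer (defense in depth)."""
    source = req.headers.get("Origin") or req.headers.get("Referer")
    if not source or source == "null":
        # browsers send a literal "null" Origin for some cross-site cases;
        # treat absent or null as untrusted rather than as same-origin
        return False
    parts, trusted = urlsplit(source), urlsplit(TRUSTED_ORIGIN)
    return (parts.scheme, parts.netloc) == (trusted.scheme, trusted.netloc)


def add_user(req: Request) -> Tuple[int, str]:
    """Handler for POST /admin/user/add; returns (status, message) instead of writing a user."""
    if req.session is None or not req.session.is_admin:
        return 403, "admin session required"
    if req.method != "POST" or req.path != PROTECTED_PATH:
        return 405, "method not allowed"
    submitted = req.form.get("_csrf", "")
    # constant-time comparison so the token cannot be recovered byte by byte
    if not hmac.compare_digest(submitted, req.session.csrf_token):
        return 403, "missing or invalid CSRF token"
    if not same_origin(req):
        return 403, "cross-origin request rejected"
    return 201, f"user {req.form['username']!r} created with role {req.form['role']!r}"


if __name__ == "__main__":
    admin = Session(user="alice", is_admin=True)
    print(render_add_user_form(admin))
    legit = Request("POST", PROTECTED_PATH, {"Origin": TRUSTED_ORIGIN},
                    {"_csrf": admin.csrf_token, "username": "bob", "role": "editor"}, admin)
    print(add_user(legit))   # (201, ...)
    # a form auto-submitted from another site: the victim's cookies ride along,
    # but the page cannot read the token, so the request is refused
    forged = Request("POST", PROTECTED_PATH, {"Origin": "https://third-party.example"},
                     {"username": "mallory", "role": "admin"}, admin)
    print(add_user(forged))  # (403, ...)
```

The order of the checks matters for the defender: the session check runs first so unauthenticated probes never reach the token logic, and the token check runs before the Origin check because the token is the control that does not depend on headers a proxy or privacy extension may strip.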

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to detect and block CSRF attempts
  • Require re-authentication for sensitive actions like user creation

🔍 How to Verify

Check if Vulnerable:

Check whether the Dreamer CMS version is 4.1.3 and whether the /admin/user/add endpoint lacks CSRF protection.

Check Version:

Check CMS configuration files or admin dashboard for version information

Verify Fix Applied:

Test that user addition requests now require a valid CSRF token.

📡 Detection & Monitoring

Log Indicators:

  • Multiple user creation requests from same IP without corresponding form submissions
  • User creation requests missing referrer headers or CSRF tokens

Network Indicators:

  • POST requests to /admin/user/add with suspicious referrers or origins

SIEM Query:

source="web_logs" AND uri="/admin/user/add" AND method="POST" AND (referrer NOT CONTAINS "your-domain.com" OR csrf_token MISSING)
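The SIEM query above is pseudo-syntax; the logic it expresses (POST to /admin/user/add with an Origin/Referer outside your own host, or with no CSRF token, plus bursts of such requests from one client) can be checked directly against an application or proxy log. The following is an added example for this page, not a Dreamer CMS or vendor tool; the JSON-lines log format, the `TRUSTED_HOSTS` value, the `BURST_THRESHOLD` and the sample entries are all constructed.

```python
"""
Detection logic for the log indicators in the CVE-2023-45906 write-up.
Added example; the log format (JSON lines with method, uri, origin, referer,
csrf_token fields) and the sample entries are constructed, not real data.
"""
import json
from collections import Counter
from typing import List, Optional
from urllib.parse import urlsplit

TRUSTED_HOSTS = {"cms.example.test"}   # assumed: the CMS's own host name(s)
BURST_THRESHOLD = 3                    # assumed: flag >=3 user-add POSTs from one IP
TARGET_URI = "/admin/user/add"

# Constructed sample: one legitimate add-user POST from the admin's browser,
# then three POSTs from the same browser that a third-party page triggered
# (the victim's IP, foreign or absent Origin/Referer, no token), then a GET.
SAMPLE_LOG = """\
{"ts":"2024-01-10T09:00:01Z","ip":"10.0.0.5","method":"POST","uri":"/admin/user/add","referer":"https://cms.example.test/admin/user/list","origin":"https://cms.example.test","csrf_token":"present"}
{"ts":"2024-01-10T09:03:12Z","ip":"10.0.0.5","method":"POST","uri":"/admin/user/add","referer":"https://blog.example.net/post","origin":"https://blog.example.net","csrf_token":null}
{"ts":"2024-01-10T09:03:13Z","ip":"10.0.0.5","method":"POST","uri":"/admin/user/add","referer":"https://blog.example.net/post","origin":null,"csrf_token":null}
{"ts":"2024-01-10T09:03:14Z","ip":"10.0.0.5","method":"POST","uri":"/admin/user/add","referer":null,"origin":"null","csrf_token":null}
{"ts":"2024-01-10T09:05:00Z","ip":"10.0.0.9","method":"GET","uri":"/admin/user/add","referer":"https://cms.example.test/admin","origin":null,"csrf_token":null}
"""


def host_of(url: Optional[str]) -> Optional[str]:
    """Hostname of a URL; the literal 'null' Origin browsers send is treated as absent."""
    if not url or url == "null":
        return None
    return urlsplit(url).hostname


def parse_log(text: str) -> List[dict]:
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def classify(entry: dict) -> List[str]:
    """Indicator names that fire for one entry; empty list means benign."""
    if entry.get("method") != "POST" or entry.get("uri") != TARGET_URI:
        return []
    reasons = []
    src = host_of(entry.get("origin")) or host_of(entry.get("referer"))
    if src is None:
        reasons.append("no_origin_or_referer")
    elif src not in TRUSTED_HOSTS:
        reasons.append("foreign_origin:" + src)
    if not entry.get("csrf_token"):
        reasons.append("csrf_token_missing")
    return reasons


def scan(log_text: str) -> dict:
    """Run the indicators over a log and count add-user POSTs per client IP."""
    findings, per_ip = [], Counter()
    for entry in parse_log(log_text):
        if entry.get("method") == "POST" and entry.get("uri") == TARGET_URI:
            per_ip[entry["ip"]] += 1
        reasons = classify(entry)
        if reasons:
            findings.append({"ts": entry["ts"], "ip": entry["ip"], "reasons": reasons})
    bursts = {ip: n for ip, n in per_ip.items() if n >= BURST_THRESHOLD}
    return {"findings": findings, "bursts": bursts}


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG)["findings"]:
        print(f["ts"], f["ip"], ", ".join(f["reasons"]))
    print("bursts:", scan(SAMPLE_LOG)["bursts"])
```

Note that in a CSRF scenario the flagged IP is the victim administrator's, not the attacker's, so the burst indicator is best read as "this admin's browser was driven into repeated user creation" and followed up with the admin rather than blocked outright.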
