CVE-2023-49545

7.5 HIGH

📋 TL;DR

This directory listing vulnerability in Customer Support System v1 allows unauthenticated attackers to enumerate directories and access sensitive files without authorization. It affects all deployments of Customer Support System v1 that haven't been patched or properly secured.

💻 Affected Systems

Products:
  • Customer Support System
Versions: v1.0
Operating Systems: Any OS running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all default installations of Customer Support System v1.0

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers gain access to sensitive configuration files, database credentials, user data, and other critical information, leading to full system compromise.

🟠 Likely Case

Attackers enumerate directory structures and access sensitive files containing configuration data, logs, or backup files.

🟢 If Mitigated

Unauthorized access attempts are blocked and directory listings are disabled, preventing information disclosure.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code is available on GitHub; exploitation requires only a web browser or curl commands.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Apply workarounds or upgrade to a secure version if available.

🔧 Temporary Workarounds

Disable Directory Listing (applies to: all)

Configure the web server to disable directory listing/indexing.

For Apache: add 'Options -Indexes' to .htaccess or httpd.conf (for the .htaccess form to take effect, the enclosing <Directory> block must allow it with 'AllowOverride Options')
For Nginx: add 'autoindex off;' to the server block (this is also Nginx's default, so check that no location block re-enables it with 'autoindex on;')

Restrict Access to Sensitive Directories (applies to: all)

Block access to sensitive directories using the web server configuration.

For Apache: 'Deny from all' in .htaccess for sensitive directories (Apache 2.2 syntax; on Apache 2.4 use 'Require all denied' unless mod_access_compat is loaded)
For Nginx: 'location /sensitive/ { deny all; }'

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block directory traversal attempts
  • Move sensitive files outside web root directory and restrict access via network segmentation

🔍 How to Verify

Check if Vulnerable:

Attempt to access application directories without proper file references (e.g., http://target.com/uploads/) and check if directory listing is displayed

Check Version:

Check application version in admin panel or readme files

Verify Fix Applied:

Attempt same directory access and verify '403 Forbidden' or proper error page appears instead of directory listing

📡 Detection & Monitoring

Log Indicators:

  • Multiple 200 OK responses to directory paths without file extensions
  • Access to sensitive directories like /config/, /admin/, /uploads/

Network Indicators:

  • HTTP requests ending with trailing slashes or directory names without files
  • Pattern of requests trying to enumerate directories

SIEM Query:

http.status_code=200 AND (http.url CONTAINS "/uploads/" OR http.url CONTAINS "/config/") AND NOT http.url CONTAINS ".php"
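The log and network indicators above can be checked offline against an access log rather than only in a SIEM. The following Python script is an added example, not part of this advisory or of the Customer Support System project: it parses Combined Log Format lines, keeps 200 responses to extension-less directory paths, marks hits on the sensitive directories the advisory names, and groups hits by client to surface an enumeration pattern. The log format regex, the sample log lines and the enumeration threshold are constructed assumptions; adapt them to the server's actual format.

```python
"""Flag directory-listing indicators in web server access logs.

Added example (not the advisory's or the project's code). Implements the
indicators listed above: 200 OK responses to directory-style paths, hits on
sensitive directories, and one client requesting many directories.
"""
import re
from collections import defaultdict

# Sensitive directories named in the advisory's log indicators.
SENSITIVE_DIRS = ("/config/", "/admin/", "/uploads/")

# Apache/Nginx "combined" log format. Assumption: adapt to your own format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample lines (RFC 5737 documentation addresses), not real traffic.
LOG_SAMPLE = """\
203.0.113.7 - - [10/Jan/2024:10:00:01 +0000] "GET /uploads/ HTTP/1.1" 200 5120
203.0.113.7 - - [10/Jan/2024:10:00:02 +0000] "GET /config/ HTTP/1.1" 200 2048
203.0.113.7 - - [10/Jan/2024:10:00:03 +0000] "GET /admin/ HTTP/1.1" 200 3072
203.0.113.7 - - [10/Jan/2024:10:00:04 +0000] "GET /backup HTTP/1.1" 200 1024
198.51.100.4 - - [10/Jan/2024:10:05:00 +0000] "GET /index.php HTTP/1.1" 200 8192
198.51.100.4 - - [10/Jan/2024:10:05:01 +0000] "GET /uploads/logo.png HTTP/1.1" 200 4096
198.51.100.9 - - [10/Jan/2024:10:06:00 +0000] "GET /uploads/ HTTP/1.1" 403 199
"""


def is_directory_request(path):
    """True for paths that end in '/' or whose last segment has no extension.

    The query string is dropped first so Apache's listing sort parameters
    (e.g. '?C=M;O=D') do not hide a directory request.
    """
    path = path.split("?", 1)[0]
    last_segment = path.rsplit("/", 1)[-1]
    return path.endswith("/") or "." not in last_segment


def is_sensitive(path):
    """True if the path lies under one of the sensitive directories."""
    norm = path.split("?", 1)[0]
    if not norm.endswith("/"):
        norm += "/"
    return any(norm.startswith(d) for d in SENSITIVE_DIRS)


def parse_line(line):
    """Parse one combined-log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def find_listing_hits(lines):
    """Return records for successful GETs to directory-style paths."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["method"] != "GET" or rec["status"] != 200:
            continue
        if not is_directory_request(rec["path"]):
            continue
        rec["sensitive"] = is_sensitive(rec["path"])
        hits.append(rec)
    return hits


def enumeration_sources(hits, threshold=3):
    """Clients that received listings for at least `threshold` distinct paths.

    The threshold is an assumption; tune it to the site's normal traffic.
    """
    paths_by_ip = defaultdict(set)
    for h in hits:
        paths_by_ip[h["ip"]].add(h["path"].split("?", 1)[0])
    return {ip: sorted(p) for ip, p in paths_by_ip.items() if len(p) >= threshold}


if __name__ == "__main__":
    found = find_listing_hits(LOG_SAMPLE.splitlines())
    for h in found:
        flag = "SENSITIVE" if h["sensitive"] else "directory"
        print(f'{h["ip"]} {h["ts"]} {h["path"]} {h["size"]}B [{flag}]')
    for ip, paths in enumeration_sources(found).items():
        print(f"enumeration pattern from {ip}: {', '.join(paths)}")
```

A 200 response to a directory path is only an indicator: the server may have served an index.html rather than a listing. To confirm, compare the response size against the known index page or inspect the body for the server's listing markup; after applying the workarounds above, the same requests should show up as 403 and drop out of this report entirely.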
