CVE-2023-53914

9.8 CRITICAL

📋 TL;DR

CVE-2023-53914 is a mass assignment vulnerability in the UserController of UliCMS 2023.1 that acts as an authentication bypass: an unauthenticated attacker who can reach the admin interface sends a crafted POST request to admin/index.php with extra parameters and creates an administrative account with full system access. Every UliCMS 2023.1 installation whose admin interface is reachable by the attacker is affected.

💻 Affected Systems

Products:
  • UliCMS
Versions: 2023.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations whose admin interface is reachable by the attacker. The flaw is in the UserController, which copies request parameters onto the user object without restricting which fields a client may set (mass assignment).

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise where attackers gain administrative control, install backdoors, exfiltrate data, and use the system for further attacks.

🟠

Likely Case

Attackers create persistent admin accounts to maintain access, modify content, steal sensitive data, and potentially deploy ransomware.

🟢

If Mitigated

Limited impact if the admin interface is reachable only from trusted networks and WAF rules and monitoring are in place to block and detect exploitation attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation is a single crafted POST request to admin/index.php carrying the user-creation parameters; no authentication or user interaction is required. Public exploit code is available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2023.2 or later

Vendor Advisory: https://en.ulicms.de/

Restart Required: No

Instructions:

1. Back up your UliCMS installation (files and database).
2. Download UliCMS 2023.2 or later.
3. Replace all files of the installation with the new version.
4. Verify that the admin interface functions correctly.

🔧 Temporary Workarounds

Restrict Admin Interface Access

Platforms: all

Block external access to the admin interface using firewall rules or web server configuration, so that only trusted source addresses can reach admin/index.php.

# Apache 2.4, in admin/.htaccess (replace 192.168.1.0/24 with your trusted range; "Deny from" is the old 2.2 syntax):
Require ip 192.168.1.0/24
# Nginx, in the server block. If PHP is handled by a separate "location ~ \.php$" block, that regex block
# matches /admin/index.php first and bypasses this prefix block; put the allow/deny directives in the block
# that actually passes admin/*.php to PHP-FPM.
location /admin/ { allow 192.168.1.0/24; deny all; }

Input Validation Filter

Platforms: all

Add input validation so that only an explicit allowlist of fields is copied from the request into the user object before processing.

# In UserController: bind only allowlisted fields (e.g. username, password, email) from the request;
# never take 'admin', 'group_id' or the record id from client input, and reject requests that carry them.
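The bug class behind this workaround, shown as an added example (not UliCMS code, and written in Python rather than PHP so it can be run as-is): a binder that copies every submitted parameter onto the user model next to one that binds only an allowlist and rejects privileged fields. The User model, the field names, the assumption that group 1 is the admin group, and the request dictionaries are all constructed for the illustration.

```python
"""Mass assignment: the vulnerable binding pattern next to an allowlisted one.

Added illustration for the UliCMS 2023.1 issue described above. None of this is
UliCMS code: the User model, the field names and the request dictionaries are
constructed here (assumptions) to show the bug class and its fix.
"""
from dataclasses import dataclass

# Fields a request from an unauthenticated client may set.
PUBLIC_FIELDS = frozenset({"username", "password", "email", "firstname", "lastname"})

# Fields that only server-side logic or an authenticated administrator may set.
PRIVILEGED_FIELDS = frozenset({"admin", "group_id", "id"})


@dataclass
class User:
    username: str
    password: str
    email: str = ""
    firstname: str = ""
    lastname: str = ""
    admin: bool = False   # privilege flag
    group_id: int = 0     # group membership; group 1 is treated as the admin group here (assumption)


class MassAssignmentError(ValueError):
    """Raised by the hardened handler when a request carries fields it may not set."""


def _coerce(key, value):
    """Type-convert form values the way a naive binder would."""
    if key == "admin":
        return str(value).lower() in {"1", "true", "on", "yes"}
    if key in {"group_id", "id"}:
        return int(value)
    return value


def create_user_vulnerable(params: dict) -> User:
    """The bug pattern: every submitted parameter is bound straight onto the model."""
    return User(**{k: _coerce(k, v) for k, v in params.items()})


def create_user_hardened(params: dict) -> User:
    """Copy only allowlisted fields and reject, rather than silently drop, the rest."""
    privileged = PRIVILEGED_FIELDS & set(params)
    if privileged:
        raise MassAssignmentError(f"refusing to mass-assign {sorted(privileged)}")
    unknown = set(params) - PUBLIC_FIELDS
    if unknown:
        raise MassAssignmentError(f"unknown fields {sorted(unknown)}")
    return User(**{k: _coerce(k, v) for k, v in params.items()})


def hardened_rejects(params: dict) -> bool:
    """True if the hardened handler refuses the request."""
    try:
        create_user_hardened(params)
    except MassAssignmentError:
        return True
    return False


# Constructed request bodies: what the crafted POST described above carries,
# and a legitimate self-service signup.
ATTACK_PARAMS = {"username": "backdoor", "password": "Passw0rd!", "admin": "1", "group_id": "1"}
LEGIT_PARAMS = {"username": "bob", "password": "Hunter2!", "email": "bob@example.com"}


if __name__ == "__main__":
    print("vulnerable :", create_user_vulnerable(ATTACK_PARAMS))
    print("hardened   :", "rejected" if hardened_rejects(ATTACK_PARAMS) else "accepted")
    print("legit      :", create_user_hardened(LEGIT_PARAMS))
```

The hardened handler rejects a request carrying privileged fields instead of silently dropping them: dropping also closes the hole, but rejecting turns every exploitation attempt into a logged error that monitoring can pick up.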

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach the admin interface.
  • Deploy a WAF with rules to block POST requests containing admin user creation parameters.

🔍 How to Verify

Check if Vulnerable:

Check if running UliCMS 2023.1 by examining version files or admin interface footer.

Check Version:

Check /version.txt or view admin interface footer for version information.

Verify Fix Applied:

Confirm installation of UliCMS 2023.2 or later and test that unauthenticated POST requests to create admin users fail.

📡 Detection & Monitoring

Log Indicators:

  • POST requests to admin/index.php carrying user-creation parameters such as 'username', 'password' and 'group_id=1' (or 'admin=1') from sources with no established admin session
  • Unusual admin user creation events

Network Indicators:

  • HTTP POST requests to /admin/index.php with user creation parameters from external IPs

SIEM Query (pseudo-query; adapt field names to your platform. A standard web access log does not record POST bodies, so the params field needs request-body logging from a WAF, reverse proxy or the application itself, and a literal match on "admin=1" misses variants such as admin=true):

source="web_logs" AND uri="/admin/index.php" AND method="POST" AND (params CONTAINS "group_id=1" OR params CONTAINS "admin=1")
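The same detection as runnable logic over sample log lines, added here as an example and not part of the original page. It assumes an nginx-style access log whose log_format appends $request_body as a final quoted field (without body logging the parameter indicators cannot be matched at all), treats 192.168.1.0/24 as the trusted admin range from the workaround above, and takes group 1 to be the admin group as in the query. The log lines, addresses, timestamps and parameter values are constructed. It goes slightly beyond the query by parsing the body, so admin=true is caught as well as admin=1, and by ranking hits from untrusted sources higher.

```python
"""Flag admin-account-creation attempts against admin/index.php in web logs.

Added detection example; not part of the original page. Assumes an nginx-style
access log that also writes $request_body as the last quoted field. Sample
lines, IPs, timestamps and parameter values are constructed.
"""
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# ip ident user [ts] "METHOD target HTTP/x" status bytes "referer" "ua" "request_body"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)" "(?P<body>[^"]*)"$'
)

ADMIN_PATH = "/admin/index.php"
TRUTHY = {"1", "true", "on", "yes"}   # a literal "admin=1" rule misses admin=true
ADMIN_GROUP_IDS = {"1"}               # assumption: group 1 is the admin group, as in the query above
TRUSTED_NETS = [ipaddress.ip_network("192.168.1.0/24")]  # assumption: admin range from the workaround

# Constructed sample log: one exploit attempt, a normal login, a blocked GET,
# an admin created from the trusted range, and a second attempt using admin=true.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Oct/2023:10:14:02 +0000] "POST /admin/index.php HTTP/1.1" 302 0 "-" "python-requests/2.31" "username=backdoor&password=Passw0rd&group_id=1&admin=1"
192.168.1.20 - - [12/Oct/2023:10:15:30 +0000] "POST /admin/index.php HTTP/1.1" 200 4311 "https://cms.example/admin/index.php" "Mozilla/5.0" "user=editor&password=secret"
198.51.100.9 - - [12/Oct/2023:10:16:11 +0000] "GET /admin/index.php HTTP/1.1" 403 162 "-" "curl/8.1" "-"
192.168.1.20 - - [12/Oct/2023:10:17:05 +0000] "POST /admin/index.php HTTP/1.1" 200 980 "https://cms.example/admin/index.php" "Mozilla/5.0" "username=newadmin&password=Str0ng&group_id=1"
203.0.113.7 - - [12/Oct/2023:10:18:40 +0000] "POST /admin/index.php HTTP/1.1" 200 512 "-" "python-requests/2.31" "username=x&password=y&admin=true"
"""


def parse_line(line: str):
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def is_trusted(ip: str) -> bool:
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:   # malformed address: treat as untrusted
        return False
    return any(addr in net for net in TRUSTED_NETS)


def privileged_params(body: str):
    """Return (privilege-bearing parameters found, all parsed parameters)."""
    params = parse_qs(body, keep_blank_values=True)
    hits = {}
    if any(v.lower() in TRUTHY for v in params.get("admin", [])):
        hits["admin"] = params["admin"]
    if any(v in ADMIN_GROUP_IDS for v in params.get("group_id", [])):
        hits["group_id"] = params["group_id"]
    return hits, params


def classify(line: str):
    """One finding dict for a suspicious request, else None."""
    rec = parse_line(line)
    if rec is None or rec["method"] != "POST":
        return None
    if urlsplit(rec["target"]).path != ADMIN_PATH:
        return None
    hits, params = privileged_params(rec["body"])
    if not hits:
        return None
    creates_account = "username" in params and "password" in params
    external = not is_trusted(rec["ip"])
    # A legitimate admin adding another admin from the trusted range looks the
    # same in this log; correlate such hits with session/auth logs before escalating.
    severity = "high" if external else "medium"
    return {
        "ip": rec["ip"], "ts": rec["ts"], "status": rec["status"],
        "hits": hits, "creates_account": creates_account,
        "external": external, "severity": severity,
    }


def scan(log_text: str) -> list:
    return [f for f in map(classify, log_text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Hits from outside the trusted range are the actionable ones; an internal hit is still worth a look because it is also what a compromised internal host or a stolen session would produce.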
