CVE-2024-29477

8.8 HIGH

📋 TL;DR

This vulnerability in Dolibarr ERP CRM allows attackers with adjacent network access to execute arbitrary code during the installation process due to insufficient input sanitization. It affects Dolibarr versions up to 19.0.0, potentially compromising the entire system.

💻 Affected Systems

Products:
  • Dolibarr ERP CRM
Versions: up to and including 19.0.0
Operating Systems: All platforms running Dolibarr
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the installation process, so both new installations and upgrades are affected.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining complete control over the Dolibarr server, potentially leading to data theft, ransomware deployment, or lateral movement within the network.

🟠 Likely Case

Attacker executes malicious code to establish persistence, steal sensitive business data, or disrupt ERP/CRM operations.

🟢 If Mitigated

Limited impact with proper network segmentation and access controls preventing adjacent attackers from reaching the installation interface.

🌐 Internet-Facing: MEDIUM - While the vulnerability requires adjacent access, internet-facing installations could be targeted if attackers gain initial foothold.
🏢 Internal Only: HIGH - Internal attackers or compromised devices on the same network segment can exploit this during installation or reinstallation.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires network adjacency but no authentication. A public proof-of-concept exists in a GitHub repository.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 19.0.1 or later

Vendor Advisory: http://dolibarr.com

Restart Required: No

Instructions:

  1. Backup your Dolibarr database and files.
  2. Download the latest version from dolibarr.org.
  3. Replace the installation files with the patched version.
  4. Run the upgrade script if applicable.

🔧 Temporary Workarounds

Network Segmentation

Platform: all

Isolate Dolibarr installation environment from general network access

Temporary Installation Restriction

Platform: linux

Restrict access to installation interface during setup

iptables -A INPUT -p tcp --dport 80 -s trusted_ip -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j DROP

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Dolibarr from untrusted networks
  • Monitor installation logs for suspicious activity and restrict installation to specific trusted IPs only

🔍 How to Verify

Check if Vulnerable:

Check the Dolibarr version in Administration > Information or examine the version.php file

Check Version:

grep '\$dolibarr_version' htdocs/includes/main.inc.php || cat htdocs/version.php

Verify Fix Applied:

Verify version is 19.0.1 or later and check that installation process validates input properly
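The version check above can be scripted so it can run across many hosts. The following is an added example, not part of the original advisory or of the Dolibarr project: it extracts the DOL_VERSION constant from a Dolibarr source file (assumed here to be htdocs/filefunc.inc.php, where Dolibarr defines it; pass the actual path as the first argument) and compares it with the fixed version 19.0.1 using sort -V.

```shell
#!/bin/sh
# Added example (not from the advisory): flag Dolibarr installs below the fixed version.
# Assumption: the source file passed as $1 contains define('DOL_VERSION', 'x.y.z').
FIXED_VERSION="19.0.1"

# Print the version string defined via DOL_VERSION in the given PHP file (first match only).
dolibarr_version_from_file() {
    sed -n "s/.*define('DOL_VERSION', *'\([0-9.]*\)').*/\1/p" "$1" | head -n 1
}

# Exit 0 when $1 is strictly below FIXED_VERSION (i.e. in the affected range),
# 1 when it is 19.0.1 or later, and 2 when no version could be determined.
is_vulnerable_version() {
    v="$1"
    [ -n "$v" ] || return 2
    # sort -V orders version strings numerically per component; the first line is the lowest.
    lowest=$(printf '%s\n%s\n' "$v" "$FIXED_VERSION" | sort -V | head -n 1)
    [ "$lowest" = "$v" ] && [ "$v" != "$FIXED_VERSION" ]
}

# Usage: sh check_dolibarr_version.sh /var/www/dolibarr/htdocs/filefunc.inc.php
if [ -n "$1" ]; then
    ver=$(dolibarr_version_from_file "$1")
    if is_vulnerable_version "$ver"; then
        echo "Dolibarr $ver: in the affected range for CVE-2024-29477, update to $FIXED_VERSION or later"
    else
        echo "Dolibarr ${ver:-unknown}: not in the affected range (or version not found)"
    fi
fi
```

The script only reads the version string; it does not probe the installation interface. Treat an "unknown" result as a prompt to inspect the host manually rather than as a pass.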

📡 Detection & Monitoring

Log Indicators:

  • Unusual installation attempts from unexpected IPs
  • Multiple failed installation attempts
  • Suspicious input patterns during installation

Network Indicators:

  • Traffic to installation endpoints from unauthorized sources
  • Unexpected outbound connections post-installation

SIEM Query:

source="dolibarr.log" AND ("install" OR "setup") AND (src_ip NOT IN allowed_ips)
