CVE-2024-42775

9.1 CRITICAL

📋 TL;DR

An unauthenticated attacker can directly access the /admin/add_room_controller.php endpoint in Kashipara Hotel Management System v1.0 to add unauthorized room entries to the administrator section. This affects all deployments of this specific software version that have the vulnerable endpoint exposed.

💻 Affected Systems

Products:
  • Kashipara Hotel Management System
Versions: v1.0
Operating Systems: Any OS running the web application (commonly Linux/Windows with PHP)
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability is in the application code itself; any installation with the vulnerable file accessible is affected regardless of OS or web server.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker could flood the system with fake room entries, corrupting booking data, causing financial discrepancies, and potentially enabling further attacks if the room-management functionality exposes other vulnerabilities.

🟠 Likely Case

Unauthorized room entries disrupt hotel operations, create booking conflicts, and undermine data integrity, requiring manual cleanup and investigation.

🟢 If Mitigated

With proper access controls, only authenticated administrators can manage rooms, preventing unauthorized modifications and maintaining system integrity.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires direct HTTP access to the vulnerable endpoint; no authentication or special tools are needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.kashipara.com/

Restart Required: No

Instructions:

No official patch is available. Check the vendor website for updates or consider alternative software.

🔧 Temporary Workarounds

Restrict Access to Admin Endpoints

Applies to: all

Use web server configuration (e.g., .htaccess for Apache, nginx rules) to block unauthenticated access to /admin/add_room_controller.php.

# Apache .htaccess example (placed in the document root; requires mod_rewrite):
RewriteEngine On
RewriteRule ^admin/add_room_controller\.php$ - [F]

Note that this rule blocks the endpoint for legitimate administrators as well, so it is a stop-gap until an authentication check is added to the script itself.

Implement Authentication Check

Applies to: all

Manually add session validation at the top of add_room_controller.php to require admin login.

<?php
session_start();
// Refuse to run the controller unless the session was established by an admin login.
if (!isset($_SESSION['admin_logged_in']) || $_SESSION['admin_logged_in'] !== true) {
    header('Location: login.php');
    exit;
}
?>

The session key ($_SESSION['admin_logged_in']) must match the one the application's login handler actually sets; confirm this in login.php before relying on the check.

🧯 If You Can't Patch

  • Deploy a Web Application Firewall (WAF) to block requests to /admin/add_room_controller.php from unauthenticated sources.
  • Monitor and audit access logs for unauthorized requests to admin endpoints and implement alerting.

🔍 How to Verify

Check if Vulnerable:

Attempt to access http://[target]/admin/add_room_controller.php without authentication; if it loads or accepts POST data, it's vulnerable.

Check Version:

Check the software version in the admin panel or application files; look for version indicators in source code or documentation.

Verify Fix Applied:

After applying workarounds, verify that unauthenticated access to the endpoint returns an error (e.g., 403 Forbidden) or redirects to login.

📡 Detection & Monitoring

Log Indicators:

  • Successful (HTTP 200) requests, especially POSTs, to /admin/add_room_controller.php from client addresses with no preceding admin login
  • Unusual spikes in room creation logs without corresponding admin login events

Network Indicators:

  • Unencrypted HTTP traffic to admin endpoints from external IPs without prior authentication requests

SIEM Query:

source="web_logs" AND url="/admin/add_room_controller.php"

Because the endpoint enforces no authentication itself, every hit is worth reviewing: correlate each request's client address with a preceding successful admin login. A User-Agent filter is not a substitute, since the client controls that header.
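The "room creation without a corresponding admin login" indicator above, as an added example (not code from the vendor or from this advisory) run over constructed Apache combined-format access-log lines: the login path /admin/login.php, the assumption that a successful login answers with a 302, and the log format are this example's own assumptions.

```python
import re

# Apache "combined" access-log format; field names are this example's own.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) '
)
TARGET = "/admin/add_room_controller.php"
LOGIN = "/admin/login.php"   # assumed login handler; adjust to the deployment
LOGIN_OK = {302}             # assumed: a successful login redirects (302) to the dashboard


def parse_line(line):
    """Return a dict of the fields we need, or None for unparseable lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["path"] = rec["path"].split("?", 1)[0]   # drop any query string
    return rec


def find_unauthenticated_room_adds(lines):
    """Return a list of (ip, timestamp, method, status) for every hit on the
    room-add endpoint by a client with no successful admin login earlier in the log."""
    logged_in = set()
    findings = []
    for rec in filter(None, map(parse_line, lines)):
        if rec["path"] == LOGIN and rec["method"] == "POST" and rec["status"] in LOGIN_OK:
            logged_in.add(rec["ip"])
        elif rec["path"] == TARGET and rec["ip"] not in logged_in:
            findings.append((rec["ip"], rec["ts"], rec["method"], rec["status"]))
    return findings


# Constructed sample log lines, not real traffic: one admin who logged in
# first, and one client that never did.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Aug/2024:09:00:01 +0000] "POST /admin/login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.5 - - [12/Aug/2024:09:00:09 +0000] "POST /admin/add_room_controller.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Aug/2024:09:01:30 +0000] "GET /admin/add_room_controller.php HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.7 - - [12/Aug/2024:09:01:31 +0000] "POST /admin/add_room_controller.php HTTP/1.1" 200 512 "-" "curl/8.0"
"""

if __name__ == "__main__":
    for hit in find_unauthenticated_room_adds(SAMPLE_LOG.splitlines()):
        print("ALERT unauthenticated room add:", hit)
```

Feed it the real access log of the hotel system host and the two alerts from 203.0.113.7 are the pattern to look for; the admin at 10.0.0.5 is not reported because the login preceded the room add.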
