CVE-2024-44720

7.5 HIGH

📋 TL;DR

SeaCMS v13.1 contains an arbitrary file read vulnerability in admin_safe.php that allows attackers to read sensitive files on the server. This affects all SeaCMS v13.1 installations with the vulnerable component accessible. Attackers can exploit this to access configuration files, credentials, or other sensitive data.

💻 Affected Systems

Products:
  • SeaCMS
Versions: v13.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin_safe.php to be accessible, which is typically part of the admin interface.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers read sensitive files such as database credentials, configuration files, or application source code, leading to full system compromise, data theft, or further exploitation.

🟠 Likely Case

Attackers read configuration files containing database credentials or other secrets, potentially enabling database access or lateral movement.

🟢 If Mitigated

With access to admin_safe.php restricted and the network segmented, impact is limited to disclosure of files readable by the web server process to the few accounts that can still reach the script.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to the admin interface or ability to reach admin_safe.php. Public details available in GitHub issue.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v13.2 or later

Vendor Advisory: https://github.com/seacms-net/CMS/issues/22

Restart Required: No

Instructions:

1. Back up your SeaCMS installation and database.
2. Download the latest SeaCMS version (v13.2 or later) from the official repository.
3. Replace the vulnerable admin_safe.php with the patched version, or upgrade the whole installation.
4. Verify that admin functionality still works and that the file-read behaviour is gone.

🔧 Temporary Workarounds

Restrict access to admin_safe.php (all platforms)

Block or restrict access to the vulnerable admin_safe.php file using web server configuration or firewall rules. A blanket deny also disables whatever legitimate admin function the script provides; if that function is needed, allow only the administrators' source addresses instead (Apache "Require ip", Nginx "allow"/"deny").

# Apache 2.4: add to .htaccess in the directory containing admin_safe.php
# (requires AllowOverride for that directory, or put the block in the vhost).
<Files "admin_safe.php">
    Require all denied
</Files>
# Apache 2.2 (or 2.4 with mod_access_compat loaded) uses the older syntax:
# <Files "admin_safe.php">
#     Order Deny,Allow
#     Deny from all
# </Files>
# Nginx: add to the server block BEFORE the "location ~ \.php$" block that
# hands requests to PHP-FPM; nginx uses the first matching regex location
# in file order, so placed after that block this rule never fires.
location ~ /admin_safe\.php$ {
    deny all;
}

🧯 If You Can't Patch

  • Implement strict access controls to limit who can access the admin interface.
  • Monitor file access logs for unusual read attempts to admin_safe.php or sensitive files.

🔍 How to Verify

Check if Vulnerable:

Confirm the SeaCMS version is v13.1 and that admin_safe.php is present in the admin directory. A request reproducing the file read described in the GitHub issue (see Vendor Advisory above) confirms exposure; run it only against systems you are authorized to test.

Check Version:

Check the SeaCMS version in the admin panel or look for version information in configuration files.

Verify Fix Applied:

Verify SeaCMS version is v13.2 or later, or test that admin_safe.php no longer allows arbitrary file reads.

📡 Detection & Monitoring

Log Indicators:

  • Requests to admin_safe.php whose parameters contain path traversal sequences (../, ..\, or URL-encoded variants) or absolute paths to OS or configuration files
  • Requests to admin_safe.php from source addresses that do not normally use the admin interface, or outside normal admin hours

Network Indicators:

  • HTTP requests to admin_safe.php with file path parameters

SIEM Query:

source="web_server_logs" AND uri="*admin_safe.php*" AND (query="*file=*" OR query="*path=*")

The parameter names file= and path= above are placeholders; substitute the parameter actually used by the vulnerable handler (see the GitHub issue), or match on traversal markers (../ and their encoded forms) in any parameter instead. Parameters sent in a POST body do not appear in standard access logs, so also alert on any POST to admin_safe.php from outside the expected admin source addresses.
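As an added example (not part of this advisory and not SeaCMS code), the log indicators above expressed as a Python scan over access-log lines in the common "combined" format. It matches on the script name alone and on traversal or absolute-path markers in any decoded parameter value, so it does not depend on knowing the vulnerable parameter name. The admin directory path, the "file" parameter name and the log lines themselves are constructed for illustration.

```python
"""Scan web-server access logs for suspicious hits on SeaCMS admin_safe.php."""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Apache/Nginx "combined" access-log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Markers of an attempt to escape the web root or name an OS/config file.
# Checked against the decoded value of every parameter, so the rule does not
# depend on the (unknown here) name of the vulnerable parameter.
TRAVERSAL_RE = re.compile(r'\.\./|\.\.\\|^/(etc|proc|root|home|var)/|^[A-Za-z]:\\')


def decoded_params(query):
    """Parse the query string, unquoting a second time to catch %252e%252e%252f."""
    return [(k, unquote(v)) for k, v in parse_qsl(query, keep_blank_values=True)]


def classify(line):
    """Return a finding dict for a hit on admin_safe.php, or None for other lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group('target'))
    if parts.path.rsplit('/', 1)[-1] != 'admin_safe.php':
        return None
    params = decoded_params(parts.query)
    suspicious = [(k, v) for k, v in params if TRAVERSAL_RE.search(v)]
    if suspicious:
        severity = 'high'     # traversal or absolute path in a parameter value
    elif m.group('method') == 'POST':
        severity = 'medium'   # body parameters are not logged, so cannot be inspected
    else:
        severity = 'low'      # plain hit on the endpoint; useful as an inventory
    return {
        'ip': m.group('ip'), 'time': m.group('time'), 'method': m.group('method'),
        'status': int(m.group('status')), 'size': m.group('size'),
        'params': params, 'suspicious': suspicious, 'severity': severity,
    }


def scan(log_text):
    """Classify every line; findings come back ordered high > medium > low."""
    order = {'high': 0, 'medium': 1, 'low': 2}
    findings = [f for f in map(classify, log_text.splitlines()) if f]
    return sorted(findings, key=lambda f: order[f['severity']])  # stable sort keeps log order


def offenders(findings):
    """Source IPs with at least one high-severity finding, with their counts."""
    counts = {}
    for f in findings:
        if f['severity'] == 'high':
            counts[f['ip']] = counts.get(f['ip'], 0) + 1
    return counts


# Constructed sample log, not captured from a real system. The "/admin/"
# directory and the "file" parameter name are assumptions for illustration.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Sep/2024:12:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.10 - - [10/Sep/2024:12:00:05 +0000] "GET /admin/admin_safe.php?action=view&file=../../../../etc/passwd HTTP/1.1" 200 2090 "-" "curl/8.0"
203.0.113.10 - - [10/Sep/2024:12:00:07 +0000] "GET /admin/admin_safe.php?file=..%252f..%252f..%252f..%252fetc%252fhosts HTTP/1.1" 200 330 "-" "curl/8.0"
198.51.100.7 - - [10/Sep/2024:12:01:00 +0000] "POST /admin/admin_safe.php HTTP/1.1" 200 900 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Sep/2024:12:01:02 +0000] "GET /admin/admin_safe.php HTTP/1.1" 200 3400 "-" "Mozilla/5.0"
"""

if __name__ == '__main__':
    results = scan(SAMPLE_LOG)
    for f in results:
        print(f"{f['severity']:<6} {f['ip']:<14} {f['method']:<4} {f['status']} "
              f"{f['suspicious'] or f['params']}")
    print('offenders:', offenders(results))
```

Feed it a real access log with `scan(open(path).read())`; the double unquote is deliberate, since a single decode misses the %252e form, and the POST rows are reported as medium precisely because the log cannot show what was sent.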
