CVE-2024-46485

6.3 MEDIUM

📋 TL;DR

dingfanzu CMS 1.0 does not validate a CSRF token on /admin/doAdminAction.php?act=addCate. An attacker who lures a logged-in administrator to a malicious page can have the administrator's browser submit a forged request to that endpoint and create a new category without the administrator's knowledge. Exploitation requires an active admin session; unauthenticated users cannot be targeted, and no data is read back by the attacker.

💻 Affected Systems

Products:
  • dingfanzu CMS
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires administrator to be logged into the CMS admin panel and visit a malicious page while authenticated.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could manipulate the CMS structure, add malicious content categories, or potentially chain with other vulnerabilities to gain full control.

🟠

Likely Case

Unauthorized category creation leading to content manipulation, SEO spam, or defacement of the website.

🟢

If Mitigated

With proper CSRF protections, no impact as requests would be rejected without valid tokens.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

CSRF is low complexity to exploit: the attacker only needs an administrator who is logged into the admin panel to load attacker-controlled content (a phishing link, an embedded page, a forum post) while the session is active.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch is known. Add CSRF token validation to /admin/doAdminAction.php for act=addCate (and, as a matter of good practice, for every other state-changing action the script dispatches), or upgrade if a newer version exists.

🔧 Temporary Workarounds

Implement CSRF Protection

Platform: all

Embed a per-session random token in every admin form and validate it server-side

Edit /admin/doAdminAction.php so that a state-changing request is rejected when the token is missing or does not match the session's token (compare in constant time), and refuse such actions over GET

Restrict Admin Access

Platform: all

Limit admin panel access to specific IP addresses or networks

Add IP restrictions in .htaccess or the web server configuration. Note that this does not block a forged request sent from an administrator's own browser while that browser is on the allowed network; it only shrinks the exposure of the admin panel and the window in which an admin session exists.

🧯 If You Can't Patch

  • Set SameSite=Strict (or at least Lax) on the admin session cookie so the browser omits it on cross-site requests, and require re-authentication (password re-entry) for sensitive actions. Lax still sends the cookie on top-level GET navigations, so it only helps if the addCate action refuses GET.
  • Have administrators use a dedicated browser profile for the admin panel and log out when finished, and brief them on phishing lures that could carry the forged request. Browser-side request-blocking extensions add some protection, but the reliable fix is server-side.
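As an added illustration (not dingfanzu CMS code and not from any vendor advisory), the following PHP shows the token workaround above together with the SameSite cookie setting: a per-session token embedded in admin forms and checked in constant time, an Origin/Referer check as defense in depth, and a session cookie scoped to same-site requests. The function names, the csrf_token field name and the ADMIN_HOST value are assumptions; where the real addCate logic sits inside doAdminAction.php is left as a comment.

```php
<?php
// Added example, not dingfanzu CMS code: CSRF protection for the admin action
// dispatcher. Function names, the csrf_token field name and ADMIN_HOST are
// assumptions for illustration.

declare(strict_types=1);

const ADMIN_HOST = 'cms.example.org'; // assumed hostname the admin panel is served from

// Scope the session cookie to same-site requests before the session starts.
// With SameSite=Strict the browser omits the cookie on every cross-site request,
// so a forged POST from an attacker's page arrives without an admin session.
session_set_cookie_params([
    'lifetime' => 0,
    'path'     => '/',
    'secure'   => true,   // assumes the admin panel is served over HTTPS
    'httponly' => true,
    'samesite' => 'Strict',
]);
session_start();

// One random token per session, kept server-side and embedded in every admin form.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Hidden input to add to each admin form that posts to doAdminAction.php.
function csrf_field(): string
{
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

// Constant-time comparison; a missing, non-string or empty token fails.
function csrf_check($submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    return is_string($submitted) && $expected !== '' && hash_equals($expected, $submitted);
}

// Defense in depth: also refuse requests whose Origin (or, failing that, Referer)
// is not the CMS host. Fails closed when neither header is present.
function same_origin(string $expectedHost): bool
{
    $source = $_SERVER['HTTP_ORIGIN'] ?? $_SERVER['HTTP_REFERER'] ?? '';
    $host   = $source === '' ? null : parse_url($source, PHP_URL_HOST);
    return is_string($host) && strcasecmp($host, $expectedHost) === 0;
}

// Hardened dispatch for act=addCate inside /admin/doAdminAction.php.
$act = $_GET['act'] ?? '';
if ($act === 'addCate') {
    // Require POST: a GET would bypass SameSite=Lax and be forgeable via a plain <img src>.
    if ($_SERVER['REQUEST_METHOD'] !== 'POST'
        || !same_origin(ADMIN_HOST)
        || !csrf_check($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('CSRF check failed');
    }
    // ... the original addCate logic runs here only after the checks pass ...
}
```

The same three checks should guard every other state-changing act the script dispatches, not only addCate. SameSite=Strict means a link to the admin panel from an external site opens without the session and the administrator has to log in again; for an admin panel that is an acceptable trade, and it is what makes the cookie setting a real barrier rather than just Lax's partial one.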

🔍 How to Verify

Check if Vulnerable:

With an authenticated admin session, submit a POST to /admin/doAdminAction.php?act=addCate from a page on a different origin (or replay a captured addCate request with any token parameter removed). If the category is created, the install is vulnerable.

Check Version:

Check CMS version in admin panel or readme files

Verify Fix Applied:

Test that POST requests to /admin/doAdminAction.php?act=addCate without a valid CSRF token are rejected (for example with HTTP 403) and that no category is created; also confirm that the action is refused over GET.

📡 Detection & Monitoring

Log Indicators:

  • Requests to /admin/doAdminAction.php?act=addCate from an admin session whose Referer or Origin is missing or points at a host other than the CMS itself, or that were not sent as POST
  • Unusual category names or patterns

Network Indicators:

  • HTTP POST requests to /admin/doAdminAction.php?act=addCate carrying a Referer from a foreign host or no Referer at all; a 200 response to such a request suggests the forged action succeeded

SIEM Query:

source="web_server" AND uri="/admin/doAdminAction.php" AND query="act=addCate" AND method="POST"
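As an added example (not from the advisory or the CMS), this PHP script applies the log indicators above to web server access logs in Combined Log Format: it keeps only requests to /admin/doAdminAction.php with act=addCate and flags any that are not POST, lack a Referer, or carry a Referer from a host other than the CMS. It goes a step beyond the SIEM query above by inspecting method and Referer as well as the URI. The log lines and the cms.example.org host are constructed for illustration.

```php
<?php
// Added example, not part of the advisory or the CMS: scan Combined Log Format
// access logs for addCate requests that look cross-site. The log lines and
// TRUSTED_HOST below are constructed for illustration.

declare(strict_types=1);

const TRUSTED_HOST = 'cms.example.org'; // assumed hostname of the CMS admin panel

// Parse one Combined Log Format line into its fields; null for non-matching lines.
function parse_combined(string $line): ?array
{
    $re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)" "([^"]*)"$/';
    if (!preg_match($re, $line, $m)) {
        return null;
    }
    return [
        'ip'      => $m[1],
        'time'    => $m[2],
        'method'  => $m[3],
        'target'  => $m[4],
        'status'  => (int) $m[5],
        'referer' => $m[6],
        'ua'      => $m[7],
    ];
}

// Return the suspicious addCate requests: any not sent as POST, or any POST whose
// Referer is absent or names a host other than the CMS.
function flag_addcate_requests(array $lines, string $trustedHost): array
{
    $findings = [];
    foreach ($lines as $line) {
        $r = parse_combined($line);
        if ($r === null) {
            continue;
        }
        $path  = parse_url($r['target'], PHP_URL_PATH) ?? '';
        $query = parse_url($r['target'], PHP_URL_QUERY) ?? '';
        parse_str($query, $params);
        if ($path !== '/admin/doAdminAction.php' || ($params['act'] ?? '') !== 'addCate') {
            continue;
        }
        $reason = null;
        if ($r['method'] !== 'POST') {
            $reason = 'addCate via ' . $r['method'] . ' (state change without POST)';
        } elseif ($r['referer'] === '-' || $r['referer'] === '') {
            $reason = 'POST with no Referer';
        } else {
            $host = parse_url($r['referer'], PHP_URL_HOST);
            if (!is_string($host) || strcasecmp($host, $trustedHost) !== 0) {
                $reason = 'cross-site Referer ' . $r['referer'];
            }
        }
        if ($reason !== null) {
            $findings[] = ['ip' => $r['ip'], 'time' => $r['time'], 'status' => $r['status'], 'reason' => $reason];
        }
    }
    return $findings;
}

// Constructed sample log (not real traffic): a legitimate admin submission, one
// forged from an attacker-controlled page, one with the Referer stripped, one
// attempted over GET, and one unrelated request.
$sample = [
    '203.0.113.5 - - [10/Sep/2024:12:01:05 +0000] "POST /admin/doAdminAction.php?act=addCate HTTP/1.1" 200 512 "https://cms.example.org/admin/" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Sep/2024:12:03:44 +0000] "POST /admin/doAdminAction.php?act=addCate HTTP/1.1" 200 512 "https://attacker.example.net/lure.html" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Sep/2024:12:04:01 +0000] "POST /admin/doAdminAction.php?act=addCate HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Sep/2024:12:05:00 +0000] "GET /admin/doAdminAction.php?act=addCate HTTP/1.1" 200 300 "-" "curl/8.4.0"',
    '198.51.100.7 - - [10/Sep/2024:12:06:00 +0000] "GET /index.php HTTP/1.1" 200 1000 "-" "Mozilla/5.0"',
];

foreach (flag_addcate_requests($sample, TRUSTED_HOST) as $f) {
    printf("%s %s status=%d %s\n", $f['time'], $f['ip'], $f['status'], $f['reason']);
}
```

Run it over the real log with `php` on the command line, feeding `file('access.log', FILE_IGNORE_NEW_LINES)` in place of the constructed array. Browsers can legitimately suppress the Referer (for example under a strict Referrer-Policy), so treat "no Referer" hits as lower confidence than a foreign host, and pay most attention to flagged requests that returned 200.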
