CVE-2024-50966

9.3 CRITICAL

📋 TL;DR

This CSRF vulnerability in dingfanzu CMS V1.0 allows attackers to trick authenticated administrators into performing unauthorized actions, specifically adding new admin accounts. Attackers can exploit this by luring administrators to malicious websites while logged into the CMS. This affects all installations of dingfanzu CMS V1.0 with the admin interface accessible.

💻 Affected Systems

Products:
  • dingfanzu CMS
Versions: V1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires admin interface to be accessible and an authenticated admin session.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete compromise of the CMS installation through creation of attacker-controlled admin accounts, leading to data theft, defacement, or further system compromise.

🟠 Likely Case: Unauthorized admin account creation allowing attackers to gain administrative access to the CMS backend.

🟢 If Mitigated: Limited impact if proper CSRF protections are implemented or if admin sessions are properly managed.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires social engineering to trick authenticated admins into visiting malicious pages.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available, or implement CSRF protections manually.

🔧 Temporary Workarounds

Implement CSRF Tokens (applies to: all)
  • Add CSRF token validation to /admin/doAdminAction.php
  • Manual code modification required

Restrict Admin Access (applies to: all)
  • Limit admin interface access to trusted IP addresses only
  • Manual configuration of web server or firewall rules

🧯 If You Can't Patch

  • Implement SameSite cookie attributes for session cookies
  • Require re-authentication for sensitive admin actions
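The CSRF-token workaround and the SameSite cookie mitigation above, put together as an added example. This is illustrative code written for this page, not dingfanzu CMS source: the function and field names (issue_csrf_token, verify_csrf_token, csrf_token) and the placement at the top of the dispatcher are assumptions; only the endpoint path /admin/doAdminAction.php and the act parameter come from the advisory.

```php
<?php
// Added example, not dingfanzu CMS code. Names below (csrf_token, issue_csrf_token,
// verify_csrf_token) are assumptions chosen for this illustration.
declare(strict_types=1);

// Harden the session cookie before session_start(). SameSite keeps the browser
// from attaching the admin cookie to a POST launched from another site, which is
// exactly the cross-site request the advisory describes; HttpOnly and Secure
// limit cookie theft. Requires PHP 7.3+ for the 'samesite' key.
session_set_cookie_params([
    'lifetime' => 0,
    'path'     => '/',
    'secure'   => true,
    'httponly' => true,
    'samesite' => 'Strict',
]);
session_start();

/** Issue (or reuse) a random token bound to the current admin session. */
function issue_csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** Compare the submitted token with the session token in constant time. */
function verify_csrf_token(?string $submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    if ($expected === '' || $submitted === null || $submitted === '') {
        return false;
    }
    return hash_equals($expected, $submitted);
}

// In the admin form that renders the "add admin" page, embed the token:
// <input type="hidden" name="csrf_token"
//        value="<?= htmlspecialchars(issue_csrf_token(), ENT_QUOTES) ?>">

// At the top of /admin/doAdminAction.php, before dispatching on $_GET['act']:
$act = $_GET['act'] ?? '-';

// Defence in depth: modern browsers label cross-site requests explicitly.
$fetchSite = $_SERVER['HTTP_SEC_FETCH_SITE'] ?? '';
if ($fetchSite === 'cross-site') {
    http_response_code(403);
    error_log(sprintf('Rejected cross-site request to doAdminAction act=%s from %s',
        $act, $_SERVER['REMOTE_ADDR'] ?? '-'));
    exit('Forbidden');
}

// State-changing actions must be POST and must carry a valid token.
if ($_SERVER['REQUEST_METHOD'] !== 'POST'
    || !verify_csrf_token($_POST['csrf_token'] ?? null)) {
    http_response_code(403);
    // Log line doubles as a detection source for the indicators listed below.
    error_log(sprintf('CSRF check failed for act=%s from %s referer=%s',
        $act, $_SERVER['REMOTE_ADDR'] ?? '-', $_SERVER['HTTP_REFERER'] ?? '-'));
    exit('Forbidden: missing or invalid CSRF token');
}

// ... the CMS's existing action handling (including act=addAdmin) continues
// here only when the request is same-site, POST, and carries a valid token.
```

The token is per session rather than per request, which is sufficient for this attack class and avoids breaking multi-tab admin use; hash_equals prevents timing leaks of the token value. The Sec-Fetch-Site check is a secondary control only, since older clients do not send the header, so the token check remains the authoritative one.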

🔍 How to Verify

Check if Vulnerable:

Check if /admin/doAdminAction.php?act=addAdmin endpoint accepts POST requests without CSRF token validation

Check Version:

Check CMS version in admin panel or configuration files

Verify Fix Applied:

Verify that CSRF tokens are required and validated for the affected endpoint

📡 Detection & Monitoring

Log Indicators:

  • Multiple admin account creation attempts from the same session
  • Admin POST actions whose Referer header is missing or points to a foreign origin

Network Indicators:

  • POST requests to /admin/doAdminAction.php without CSRF tokens
  • Cross-origin requests to admin endpoints

SIEM Query:

web_access_logs WHERE uri CONTAINS '/admin/doAdminAction.php' AND method = 'POST' AND (referrer IS NULL OR referrer NOT STARTSWITH 'https://<cms-host>/')

(Pseudo-query; replace <cms-host> with the CMS's own hostname. Matching the referrer against the site's origin rather than the substring 'admin' avoids missing a cross-site request whose referring URL also happens to contain 'admin'.)
