CVE-2024-54851

8.8 HIGH

📋 TL;DR

Teedy versions up to and including 1.12 perform no CSRF check on state-changing requests, so a page under an attacker's control can make an already-authenticated user's browser submit requests to Teedy; the browser attaches the Teedy session cookie on its own. Every instance running an affected version is exposed, and the impact is whatever the victim's account is allowed to do in the document management system.

💻 Affected Systems

Products:
  • Teedy
Versions: <= 1.12
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of Teedy <= 1.12 are vulnerable. No special configuration required for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could manipulate document access controls, delete critical documents, or modify user permissions through forged requests executed by authenticated administrators.

🟠

Likely Case

Attackers could trick users into uploading malicious documents, modifying metadata, or changing sharing settings through crafted links or forms.

🟢

If Mitigated

With CSRF tokens in place and the session cookie marked SameSite, a forged request from another site carries no valid token and, in a current browser, no session cookie at all. The attacker then needs a second vulnerability on the Teedy origin (for example XSS) rather than just a lure page.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: No
Weaponized: Unknown
Unauthenticated Exploit: No
Complexity: MEDIUM

Exploitation requires the victim to hold a valid Teedy session and to load attacker-controlled content (a web page, an e-mail with an auto-submitting form, a link) while logged in. The attacker never needs the victim's credentials or session token, because the browser supplies the cookie. The attacker also cannot read Teedy's responses: CSRF gives a write primitive, not a read primitive.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: any release later than 1.12

Reference: https://github.com/Tanguy-Boisset/CVE/blob/master/CVE-2024-54851/README.md (researcher write-up, not a vendor advisory; Teedy itself is published at github.com/sismics/docs)

Restart Required: Yes (application restart/redeploy on the new version; no host reboot)

Instructions:

1. Upgrade Teedy to a release later than 1.12 and redeploy the application.
2. Confirm the fix is live: a state-changing request that carries a valid session cookie but no CSRF token, or a foreign Origin header, must now be rejected.

🔧 Temporary Workarounds

Implement CSRF tokens manually

Applies to: all versions <= 1.12

Add CSRF token validation to every state-changing endpoint (POST, PUT, DELETE, PATCH): issue a token bound to the session, have the web client send it with each form submission and API call, and reject any request that does not present a matching token server-side. This means patching Teedy's Java code; if you are able to do that, upgrading is the better use of the same effort.

SameSite cookie enforcement

Applies to: all versions <= 1.12

Have Teedy's session cookie issued with SameSite=Lax or SameSite=Strict. Teedy is a Java web application, so there is no PHP-style session.cookie_samesite setting to turn on; add the attribute either in the servlet container's session cookie configuration or by rewriting Set-Cookie at the reverse proxy (nginx proxy_cookie_flags, Apache "Header edit Set-Cookie"). Strict also withholds the cookie on top-level navigation from other sites, so links in e-mail land on a logged-out view; Lax keeps those working while still blocking cross-site POST. Treat this as defence in depth rather than a replacement for tokens: it does nothing for browsers that ignore SameSite, and nothing against an attacker who can run script on a sibling subdomain, which counts as same-site.

🧯 If You Can't Patch

  • At the reverse proxy or WAF, reject state-changing requests whose Origin header (or, failing that, Referer) is absent or names anything other than Teedy's own origin. Browsers always send Origin on a cross-site POST, so this blocks the forged-form case without touching the application.
  • Keep Teedy off the public internet (VPN or internal network only). This does not stop CSRF by itself, since the victim's browser is already inside, but it shrinks the set of attackers who can reach a logged-in user with a lure.
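The two workarounds above (a session-bound token on every state-changing endpoint, SameSite on the session cookie) and the proxy-side Origin rule from the list just above can be seen together in one request filter. The following is an added example and is not Teedy's code or anything from the advisory; it models what a reverse proxy, WAF, or in-app servlet filter would enforce. The site origin, the cookie name (auth_token is the name Teedy's source uses, but confirm against your build), and the token header and form field names are assumptions.

```python
"""Added example (not Teedy's code): the checks a reverse proxy, WAF, or an
in-app servlet filter would apply to stop CSRF against a cookie-authenticated
app such as Teedy.  SITE_ORIGIN, AUTH_COOKIE and the token header/field
names are placeholders to adapt to your deployment."""
import hashlib
import hmac
from dataclasses import dataclass, field
from urllib.parse import urlsplit

SITE_ORIGIN = "https://docs.example.com"          # assumed: where Teedy is served
AUTH_COOKIE = "auth_token"                         # assumed name of the session cookie
STATE_CHANGING = {"POST", "PUT", "DELETE", "PATCH"}


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    cookies: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)

    def header(self, name):
        return next((v for k, v in self.headers.items() if k.lower() == name.lower()), None)


def csrf_token(session_id: str, secret: bytes) -> str:
    """Synchronizer token: an HMAC over the session id, so it is useless for
    any other session and needs no server-side token storage."""
    return hmac.new(secret, session_id.encode(), hashlib.sha256).hexdigest()


def source_origin(req: Request):
    """Origin of the request as the browser reports it.  Prefer Origin (always
    sent on cross-site POST), fall back to Referer; 'null' or a value without
    scheme and host counts as unknown."""
    raw = req.header("Origin") or req.header("Referer") or ""
    parts = urlsplit(raw)
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()


def check_request(req: Request, secret: bytes):
    """Return (allowed, reason).  Safe methods pass; state-changing ones must
    be same-origin AND carry the token bound to the session cookie."""
    if req.method.upper() not in STATE_CHANGING:
        return True, "safe method"
    origin = source_origin(req)
    if origin is None:
        return False, "state-changing request without Origin/Referer"
    if origin != SITE_ORIGIN:
        return False, f"cross-site request from {origin}"
    session_id = req.cookies.get(AUTH_COOKIE)
    if not session_id:
        return False, "no session cookie"
    presented = req.header("X-CSRF-Token") or req.form.get("csrf_token") or ""
    if not hmac.compare_digest(presented, csrf_token(session_id, secret)):
        return False, "missing or mismatched CSRF token"
    return True, "ok"


def harden_set_cookie(value: str) -> str:
    """Response-side fix a proxy can apply: add SameSite (plus Secure and
    HttpOnly) to a Set-Cookie header that lacks them."""
    attrs = [a.strip() for a in value.split(";") if a.strip()]
    present = {a.split("=", 1)[0].lower() for a in attrs[1:]}
    for attr in ("SameSite=Strict", "Secure", "HttpOnly"):
        if attr.split("=")[0].lower() not in present:
            attrs.append(attr)
    return "; ".join(attrs)


def run_demo(secret: bytes = b"demo-secret-rotate-me"):
    """Constructed requests: the legitimate case and the CSRF cases."""
    sid = "3f9c1a"
    tok = csrf_token(sid, secret)
    cases = {
        "legit": Request("POST", "/api/document",
                         {"Origin": SITE_ORIGIN, "X-CSRF-Token": tok}, {AUTH_COOKIE: sid}),
        "forged_form": Request("POST", "/api/document",
                               {"Origin": "https://evil.example",
                                "Referer": "https://evil.example/lure.html"},
                               {AUTH_COOKIE: sid}, {"title": "x"}),
        "no_origin": Request("DELETE", "/api/document/abc", {}, {AUTH_COOKIE: sid}),
        "stolen_token": Request("PUT", "/api/document/abc",
                                {"Origin": SITE_ORIGIN,
                                 "X-CSRF-Token": csrf_token("other-session", secret)},
                                {AUTH_COOKIE: sid}),
        "read_only": Request("GET", "/api/document/list",
                             {"Referer": "https://evil.example/"}, {AUTH_COOKIE: sid}),
    }
    return {name: check_request(r, secret) for name, r in cases.items()}


if __name__ == "__main__":
    for name, (ok, why) in run_demo().items():
        print(f"{name:13} {'ALLOW' if ok else 'BLOCK'}  {why}")
    print(harden_set_cookie("auth_token=3f9c1a; Path=/"))
```

The origin check alone already stops the forged-form case, which is why it is the cheapest thing to deploy at a proxy; the token check catches what the origin check cannot (a lure that somehow originates same-site, or a client that strips headers). If deep links from e-mail must keep users logged in, change SameSite=Strict to SameSite=Lax in harden_set_cookie; cross-site POST is still blocked either way.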

🔍 How to Verify

Check if Vulnerable:

Read the Teedy version from the web UI's settings/about view or from the REST API. If it reports 1.12 or lower, the instance is affected. Confirm behaviourally: from an authenticated session, replay a harmless state-changing request with the session cookie but without any CSRF token and with a foreign Origin header; a 2xx response means the request was accepted.

Check Version:

Check the version shown in the web UI, or query the application's version resource over the REST API (Teedy reports current_version from /api/app; confirm the path against your deployment).

Verify Fix Applied:

After the upgrade, the same replay (valid session cookie, no token, foreign Origin) must be rejected with a 4xx, and the web client's own requests must be seen carrying the token.
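The version comparison and the behavioural replay described above, as an added example that is not part of the advisory or of Teedy: it builds exactly the request a lure page would make the victim's browser send (session cookie attached, foreign Origin and Referer, no token) and interprets the status code. The cookie name, the target URL and the form body are assumptions; choose an endpoint whose side effect you can undo, and only run it against an instance you own.

```python
"""Added example (not from the advisory or Teedy): version check plus a CSRF
probe for your own instance.  AUTH_COOKIE, the URL and the body passed in are
assumptions to adapt."""
import re
import urllib.error
import urllib.request
from urllib.parse import urlencode

AFFECTED_MAX = (1, 12)
AUTH_COOKIE = "auth_token"                    # assumed session cookie name


def parse_version(text: str):
    """'1.12' -> (1, 12).  Numeric tuples, so '1.9' < '1.12'; a plain string
    comparison would get that backwards."""
    return tuple(int(n) for n in re.findall(r"\d+", text))


def version_affected(text: str) -> bool:
    return parse_version(text) <= AFFECTED_MAX


def build_probe(url: str, session_value: str, body: dict) -> urllib.request.Request:
    """The request a lure page causes: session cookie present, foreign
    Origin/Referer, no CSRF token of any kind."""
    req = urllib.request.Request(url, data=urlencode(body).encode(), method="POST")
    req.add_header("Content-Type", "application/x-www-form-urlencoded")
    req.add_header("Cookie", f"{AUTH_COOKIE}={session_value}")
    req.add_header("Origin", "https://attacker.example")
    req.add_header("Referer", "https://attacker.example/lure.html")
    return req


def interpret(status: int) -> str:
    if 200 <= status < 300:
        return "VULNERABLE: cross-site request without a token was accepted"
    if status == 401:
        return "INCONCLUSIVE: session cookie not accepted; log in again and retry"
    if status in (400, 403):
        return "PROTECTED: request rejected"
    return f"INCONCLUSIVE: unexpected status {status}"


def send(req: urllib.request.Request) -> int:
    """Real transport; returns the HTTP status even for 4xx/5xx."""
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as e:
        return e.code


def probe_csrf(url: str, session_value: str, body: dict, transport=send) -> str:
    """transport is injectable so the logic can be exercised offline."""
    return interpret(transport(build_probe(url, session_value, body)))


if __name__ == "__main__":
    import sys
    # usage: probe.py <state-changing URL> <session cookie value> [key=value ...]
    url, session = sys.argv[1], sys.argv[2]
    body = dict(kv.split("=", 1) for kv in sys.argv[3:])
    print(probe_csrf(url, session, body))
```

A 403 or 400 on its own is not proof of a token check: a WAF or proxy rule may be rejecting the foreign Origin. To tell the two apart, repeat the probe with Origin and Referer set to Teedy's own origin; a fixed Teedy still rejects it because the token is missing, whereas a proxy-only defence lets it through.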

📡 Detection & Monitoring

Log Indicators:

  • State-changing requests (POST/PUT/DELETE) whose Origin or Referer names a site other than Teedy's own, or that carry neither header
  • After patching: 4xx rejections of state-changing requests that presented a valid session cookie but no token
  • Document deletions, permission or sharing changes that the affected user does not recognise

Network Indicators:

  • Cross-origin POST/PUT/DELETE to Teedy endpoints: an Origin header that is present and is not Teedy's origin (browsers send Origin on every cross-site POST)
  • State-changing requests from a browser User-Agent with neither Origin nor Referer; Referer alone is weak evidence, since privacy policies often strip it

SIEM Query:

source="teedy" http_method IN ("POST","PUT","DELETE","PATCH") NOT (http_origin="https://docs.example.com" OR http_referer="https://docs.example.com/*")

Splunk-style syntax with placeholder field names and origin; use whatever names your log parser emits. On a vulnerable version there is no token field to search for, so origin mismatch is the usable signal. Origin is not part of the standard combined log format: add $http_origin to the proxy's log_format before relying on it. Expect noise from non-browser API clients, which send neither header; filter them by user agent or source address.
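The same hunt run offline over constructed proxy log lines, as an added example that is not part of the advisory. The log format is an assumption (nginx combined format with $http_origin appended as a trailing field), the Teedy origin is a placeholder, and the log lines are constructed for the example.

```python
"""Added example (not from the advisory): the detection logic run over
constructed reverse-proxy log lines.  Assumed log_format:
'$remote_addr - $remote_user [$time_local] "$request" $status '
'$body_bytes_sent "$http_referer" "$http_origin"'"""
import re
from collections import Counter
from urllib.parse import urlsplit

SITE_ORIGIN = "https://docs.example.com"       # assumed Teedy origin
STATE_CHANGING = {"POST", "PUT", "DELETE", "PATCH"}

LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
                  r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
                  r'"(?P<referer>[^"]*)" "(?P<origin>[^"]*)"$')

# Constructed sample: a normal same-origin write, a lure page's GET, then the
# lure firing a cross-site POST and a header-less DELETE, then a same-origin PUT.
SAMPLE_LOG = """\
203.0.113.5 - - [12/Jan/2025:10:01:02 +0000] "POST /api/document HTTP/1.1" 200 512 "https://docs.example.com/" "https://docs.example.com"
203.0.113.9 - - [12/Jan/2025:10:02:15 +0000] "GET /api/user HTTP/1.1" 200 300 "https://evil.example/lure.html" "-"
203.0.113.9 - - [12/Jan/2025:10:02:16 +0000] "POST /api/share HTTP/1.1" 200 88 "https://evil.example/lure.html" "https://evil.example"
203.0.113.9 - - [12/Jan/2025:10:02:17 +0000] "DELETE /api/document/abc HTTP/1.1" 200 12 "-" "-"
203.0.113.7 - - [12/Jan/2025:10:03:00 +0000] "PUT /api/document/def HTTP/1.1" 200 40 "https://docs.example.com/" "https://docs.example.com"
"""


def origin_of(value: str):
    """Scheme://host of a header value; '-', '' and 'null' are unknown."""
    if value in ("", "-", "null"):
        return None
    p = urlsplit(value)
    return f"{p.scheme}://{p.netloc}".lower() if p.scheme and p.netloc else None


def parse(text: str):
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            yield m.groupdict()


def classify(entry: dict):
    """None when nothing to flag, otherwise the indicator name.  Read-only
    methods are ignored even with a foreign Referer: that is just a link click."""
    if entry["method"] not in STATE_CHANGING:
        return None
    src = origin_of(entry["origin"]) or origin_of(entry["referer"])
    if src is None:
        return "no-origin-no-referer"
    if src != SITE_ORIGIN:
        return "cross-site-origin"
    return None


def hunt(text: str):
    """Return (flagged entries, count of flags per client address)."""
    findings = [dict(e, indicator=ind) for e in parse(text) if (ind := classify(e))]
    return findings, Counter(f["ip"] for f in findings)


if __name__ == "__main__":
    findings, by_ip = hunt(SAMPLE_LOG)
    for f in findings:
        print(f"{f['time']}  {f['ip']:12} {f['method']:6} {f['path']:22} {f['indicator']}")
    print(dict(by_ip))
```

Two of the five constructed lines are flagged, both from the same client. The no-origin-no-referer indicator is the noisy one: scripted API clients and curl produce it legitimately, so pair it with the user agent before paging anyone.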
