CVE-2024-55093

5.4 MEDIUM

📋 TL;DR

phpIPAM through version 1.7.3 contains a reflected Cross-Site Scripting (XSS) vulnerability in its installation scripts. This allows attackers to inject malicious scripts into web pages viewed by users, potentially stealing session cookies or performing actions on behalf of authenticated users. Organizations using phpIPAM versions up to 1.7.3 are affected.

💻 Affected Systems

Products:
  • phpIPAM
Versions: All versions through 1.7.3
Operating Systems: All platforms running phpIPAM
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in installation scripts, which may remain accessible after installation if not properly removed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal administrator session cookies, gain full administrative access to phpIPAM, and potentially pivot to internal network resources.

🟠 Likely Case

Attackers could steal user session cookies, perform unauthorized actions within phpIPAM, or redirect users to malicious sites.

🟢 If Mitigated

With proper input validation and output encoding, the impact is limited to script execution in the user's browser context only.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Reflected XSS typically requires user interaction (clicking a malicious link) but is straightforward to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in commit d0caaeba885364fd0521f094511c5d7b11f9da8f

Vendor Advisory: https://github.com/phpipam/phpipam/commit/d0caaeba885364fd0521f094511c5d7b11f9da8f

Restart Required: No

Instructions:

1. Update phpIPAM to the latest version.
2. Apply the specific commit d0caaeba885364fd0521f094511c5d7b11f9da8f if not updating fully.
3. Remove or secure installation scripts after installation.

🔧 Temporary Workarounds

Remove installation scripts (platform: linux)

Delete or restrict access to installation scripts after installation is complete:

rm -rf /path/to/phpipam/install/

Web Application Firewall (WAF) (platform: all)

Deploy WAF rules to block XSS payloads targeting installation endpoints.

🧯 If You Can't Patch

  • Implement Content Security Policy (CSP) headers to restrict script execution
  • Ensure installation scripts are not accessible after initial setup

🔍 How to Verify

Check if Vulnerable:

Check if phpIPAM version is 1.7.3 or earlier and if installation scripts are accessible

Check Version:

grep 'define("VERSION"' /path/to/phpipam/functions/scripts/constants.php

Verify Fix Applied:

Verify the commit d0caaeba885364fd0521f094511c5d7b11f9da8f is applied or version is above 1.7.3

📡 Detection & Monitoring

Log Indicators:

  • Unusual requests to installation scripts with script tags or JavaScript in parameters

Network Indicators:

  • HTTP requests containing script injection patterns to install endpoints

SIEM Query:

source="web_access" AND uri="/install/*" AND (query="*<script*" OR query="*javascript:*")
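The version check above and the SIEM query's logic, as an added example that is not part of this advisory or of the phpIPAM project: it parses constructed Apache combined-format access-log lines, flags every request under /install/ (the scripts should not be reachable after setup at all) and marks those whose percent-decoded query contains the same markers the query uses. The log lines are constructed samples; the version helper assumes a dotted numeric version string.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Constructed sample lines in Apache combined log format; not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Jan/2025:10:00:01 +0000] "GET /index.php?page=tools HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.7 - - [10/Jan/2025:10:00:02 +0000] "GET /install/index.php?title=%3Cscript%3E HTTP/1.1" 200 900 "-" "curl/8.0"
10.0.0.8 - - [10/Jan/2025:10:00:03 +0000] "GET /install/index.php?help=javascript%3A HTTP/1.1" 200 880 "-" "Mozilla/5.0"
10.0.0.9 - - [10/Jan/2025:10:00:04 +0000] "GET /install/index.php?t=%253Cscript%253E HTTP/1.1" 200 870 "-" "Mozilla/5.0"
10.0.0.11 - - [10/Jan/2025:10:00:05 +0000] "GET /install/index.php HTTP/1.1" 200 850 "-" "Mozilla/5.0"
"""

# Request-line fields of the combined format; the rest of the line is ignored.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Same markers as the SIEM query; matched case-insensitively after decoding.
XSS_MARKERS = ("<script", "javascript:")

def decode_query(query):
    """Percent-decode until stable so double-encoded input is not missed."""
    prev = None
    while prev != query:
        prev, query = query, unquote_plus(query)
    return query

def classify(line):
    """Return a finding for any request under /install/, else None."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    parts = urlsplit(m.group("target"))
    if not parts.path.startswith("/install/"):
        return None
    decoded = decode_query(parts.query).lower()
    return {
        "ip": m.group("ip"),
        "status": int(m.group("status")),
        "markers": [mk for mk in XSS_MARKERS if mk in decoded],
    }

def scan(log_text):
    """Findings for every /install/ request; non-empty 'markers' means an XSS attempt."""
    return [f for f in map(classify, log_text.splitlines()) if f]

def version_is_affected(version):
    """True for phpIPAM versions through 1.7.3 (assumes a dotted numeric string)."""
    parts = [int(p) for p in version.split(".")] + [0, 0, 0]
    return tuple(parts[:3]) <= (1, 7, 3)
```

Any finding at all after setup is complete means the install directory is still reachable and the workaround above has not been applied.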
