CVE-2024-57523

4.5 MEDIUM

📋 TL;DR

This CSRF vulnerability in SourceCodester Packers and Movers Management System allows attackers to create unauthorized admin accounts by tricking authenticated administrators into submitting malicious requests. It affects version 1.0 of the software, potentially enabling privilege escalation and unauthorized system access.

💻 Affected Systems

Products:
  • SourceCodester Packers and Movers Management System
Versions: 1.0
Operating Systems: Any
Default Config Vulnerable: ⚠️ Yes
Notes: Requires an authenticated admin session to exploit via CSRF.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers create persistent admin accounts, gaining full control over the management system to steal sensitive data, modify records, or disrupt operations.

🟠 Likely Case

Unauthorized admin accounts are created, allowing attackers to access and manipulate sensitive customer and business data.

🟢 If Mitigated

With proper CSRF protections, the attack fails, maintaining normal system security and preventing unauthorized account creation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires social engineering to trick an admin into clicking a malicious link while authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://sourcecodester.com

Restart Required: No

Instructions:

No official patch available. Implement CSRF tokens in Users.php and all admin functions.

🔧 Temporary Workarounds

Add CSRF Protection (applies to: all)

Implement anti-CSRF tokens in all admin forms and validate them server-side.

Modify Users.php to include and verify CSRF tokens.
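The following is an added example of the synchronizer-token pattern described above; it is not code from the SourceCodester project, and the function names, the session key and the form field name are illustrative choices. It assumes a PHP 7+ application that already uses PHP sessions for the admin login.

```php
<?php
// Added example (not the project's own code): synchronizer-token CSRF protection
// for a state-changing admin form such as the account-creation form in Users.php.
// Names (csrf_token, csrf_field, csrf_verify, CSRF_FIELD) are illustrative.
declare(strict_types=1);

const CSRF_SESSION_KEY = 'csrf_token';
const CSRF_FIELD       = 'csrf_token';

// Return the per-session token, generating it on first use.
function csrf_token(): string {
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION[CSRF_SESSION_KEY])) {
        // 32 CSPRNG bytes, hex-encoded: a cross-site page cannot read or guess this.
        $_SESSION[CSRF_SESSION_KEY] = bin2hex(random_bytes(32));
    }
    return $_SESSION[CSRF_SESSION_KEY];
}

// Hidden input to place inside every admin <form method="post">.
function csrf_field(): string {
    return '<input type="hidden" name="' . CSRF_FIELD . '" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

// Call before acting on any state-changing admin request (e.g. creating a user).
// $post is normally $_POST, $method is $_SERVER['REQUEST_METHOD'],
// $origin is the request's Origin header (or null) and $host the site's own host.
function csrf_verify(array $post, string $method, ?string $origin, string $host): bool {
    if ($method !== 'POST') {
        return false;               // never accept state changes via GET
    }
    // Defence in depth: if the browser sent an Origin header, it must be our own site.
    if ($origin !== null && parse_url($origin, PHP_URL_HOST) !== $host) {
        return false;
    }
    $sent = $post[CSRF_FIELD] ?? '';
    // hash_equals compares in constant time, avoiding a timing side channel.
    return is_string($sent) && hash_equals(csrf_token(), $sent);
}

// Usage at the top of the account-creation handler in Users.php:
// if (!csrf_verify($_POST, $_SERVER['REQUEST_METHOD'],
//                  $_SERVER['HTTP_ORIGIN'] ?? null, $_SERVER['HTTP_HOST'])) {
//     http_response_code(403);
//     exit('Invalid or missing CSRF token');
// }
// In the form template: <form method="post" action="Users.php"><?= csrf_field() ?> ...
```

As an additional layer, set `session.cookie_samesite=Lax` (PHP 7.3+) so the admin session cookie is not attached to cross-site POST requests; the token check above remains the primary control.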

Restrict Admin Access (applies to: all)

Limit admin panel access to specific IPs or networks.

Configure the web server (e.g., Apache .htaccess or Nginx config) to restrict /admin paths.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules that reject cross-site requests to admin pages (for example, POST requests whose Origin or Referer header does not match the site)
  • Require re-authentication for sensitive admin actions such as account creation

🔍 How to Verify

Check if Vulnerable:

Test whether the admin account-creation form lacks a CSRF token by inspecting the HTML source or by using a tool such as Burp Suite.

Check Version:

Check software version in admin panel or source code comments.

Verify Fix Applied:

Verify that CSRF tokens are present in forms and validated server-side; test with crafted requests.

📡 Detection & Monitoring

Log Indicators:

  • Multiple admin account creation attempts from unusual IPs or user agents
  • POST requests to Users.php without a Referer header or CSRF token

Network Indicators:

  • Unexpected admin account creation traffic patterns

SIEM Query:

source="web_logs" AND (uri="/Users.php" OR action="create_admin") AND status=200
