CVE-2024-7925

4.3 MEDIUM

📋 TL;DR

This vulnerability in ZZCMS 2023 allows unauthenticated remote attackers to obtain sensitive information by requesting 'eginfo.php' (shipped at '3/E_bak5.1/upload/eginfo.php') with the value 'ShowPHPInfo' in the 'phome' parameter, which causes the script to display PHP configuration information. The leak exposes the PHP version and configuration, server paths, loaded modules and environment details that aid further attacks. All installations of ZZCMS 2023 where this file is reachable over HTTP are affected.

💻 Affected Systems

Products:
  • ZZCMS
Versions: 2023
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the file '3/E_bak5.1/upload/eginfo.php' which appears to be part of the CMS installation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers obtain system information, full PHP configuration details and any secrets present in environment variables or server variables (for example database credentials), which facilitates further attacks against the host or backend.

🟠 Likely Case

Information disclosure revealing the PHP version, system paths, loaded extensions, configuration settings and other details about the server environment, used for reconnaissance before a targeted attack.

🟢 If Mitigated

With the file removed or access blocked, the request returns 403/404 and nothing is disclosed. If only the 'phome=ShowPHPInfo' value is filtered, residual exposure is limited, but the confirmed presence of the script still aids reconnaissance.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation is a single unauthenticated HTTP GET to the vulnerable path with the 'phome=ShowPHPInfo' parameter; no session, credentials or prior knowledge beyond the URL is needed. The vulnerability and its request pattern are publicly disclosed, so exploitation should be assumed to be possible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Remove or restrict access to the vulnerable file '3/E_bak5.1/upload/eginfo.php'.

🔧 Temporary Workarounds

Remove vulnerable file

linux

Delete or rename the vulnerable eginfo.php file to prevent exploitation

rm /path/to/zzcms/3/E_bak5.1/upload/eginfo.php

Restrict file access

all

Use web server configuration to block access to the vulnerable file. Apache 2.4 syntax is shown; on Apache 2.2 use 'Order deny,allow' followed by 'Deny from all' inside the block instead of 'Require all denied'.

<LocationMatch "^/3/E_bak5\.1/upload/eginfo\.php">
    Require all denied
</LocationMatch>

🧯 If You Can't Patch

  • Implement WAF rules to block requests to '/3/E_bak5.1/upload/eginfo.php'; blocking the whole path is more robust than matching the literal 'phome=ShowPHPInfo' string, because the web server URL-decodes the query before PHP sees it, so an encoded variant such as 'phome=%53howPHPInfo' bypasses a naive literal match
  • Restrict network access to the ZZCMS installation using firewall rules

🔍 How to Verify

Check if Vulnerable:

Access http://your-site.com/3/E_bak5.1/upload/eginfo.php?phome=ShowPHPInfo and check if PHP information is displayed

Check Version:

Check ZZCMS version in admin panel or configuration files

Verify Fix Applied:

Attempt the same request and verify that PHP information is no longer displayed or the file returns 404/403
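The check and the fix-verification steps above can be automated. The following script is an added example, not code from the advisory or from ZZCMS: it sends the single GET request the exploit uses and classifies the reply as vulnerable (phpinfo-style output returned), mitigated (403/404/410) or inconclusive (for example a 200 block page from a WAF). The phpinfo() marker strings and the "at least two markers" rule are heuristics chosen here; the host name is the placeholder used in the advisory.

```python
"""Check whether a ZZCMS 2023 install exposes PHP configuration via
CVE-2024-7925 (eginfo.php?phome=ShowPHPInfo)."""
import sys
import urllib.error
import urllib.request

# Vulnerable path and parameter as given in the advisory.
VULN_PATH = "/3/E_bak5.1/upload/eginfo.php"
VULN_QUERY = "phome=ShowPHPInfo"

# Strings that appear in standard phpinfo() HTML output (heuristic, chosen
# for this example). Requiring two of them avoids flagging a generic 200
# page, such as a WAF block page, as a leak.
PHPINFO_MARKERS = (
    "<title>phpinfo()</title>",
    "PHP Version",
    "Loaded Configuration File",
)


def classify(status, body):
    """Map an HTTP status and body to 'vulnerable', 'mitigated' or 'inconclusive'."""
    if status in (403, 404, 410):
        return "mitigated"
    if status == 200 and sum(marker in body for marker in PHPINFO_MARKERS) >= 2:
        return "vulnerable"
    return "inconclusive"


def check(base_url, timeout=10):
    """Send the single GET request the exploit needs and classify the reply.
    Only run this against systems you are authorised to test."""
    url = f"{base_url.rstrip('/')}{VULN_PATH}?{VULN_QUERY}"
    req = urllib.request.Request(url, headers={"User-Agent": "cve-2024-7925-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            status = resp.status
            # phpinfo() output is tens of kilobytes; 200 kB is ample.
            body = resp.read(200_000).decode("utf-8", errors="replace")
    except urllib.error.HTTPError as err:
        status, body = err.code, ""
    return status, classify(status, body)


if __name__ == "__main__":
    base = sys.argv[1] if len(sys.argv) > 1 else "http://your-site.com"
    code, verdict = check(base)
    print(f"{base}: HTTP {code} -> {verdict}")
```

Run it before applying the workaround (expect "vulnerable") and again afterwards (expect "mitigated"). An "inconclusive" result after a WAF rule is deployed means the rule is intercepting the request but the file is still present; prefer removing or blocking the file at the web server.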

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to '/3/E_bak5.1/upload/eginfo.php' with the 'phome=ShowPHPInfo' parameter, including URL-encoded variants of the value
  • 200 responses for that path with large body sizes (phpinfo() output is typically tens of kilobytes), which indicate the leak was actually served rather than blocked

Network Indicators:

  • HTTP GET requests with parameter 'phome=ShowPHPInfo' to the vulnerable endpoint

SIEM Query:

source="web_access_logs" AND uri_path="/3/E_bak5.1/upload/eginfo.php" AND query_string="*phome=ShowPHPInfo*"
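The SIEM query above matches the literal parameter string, which misses URL-encoded variants of the value. The following script is an added example, not code from the advisory or from any SIEM product: it parses access-log lines in the common combined format, URL-decodes the path and query before matching, and flags hits whose 200 status and large response size suggest the phpinfo() output was served. The log lines are constructed for this example, the combined-log regex is an assumption about your server's log format, and the 10 kB size threshold is a heuristic chosen here.

```python
"""Scan web-server access logs (combined log format) for CVE-2024-7925
exploitation attempts against ZZCMS eginfo.php."""
import re
from urllib.parse import parse_qs, unquote, urlsplit

VULN_PATH = "/3/E_bak5.1/upload/eginfo.php"

# Combined log format (assumed): ip ident user [time] "METHOD target PROTO" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-)'
)


def is_exploit_request(target):
    """True if the request targets eginfo.php with phome=ShowPHPInfo.
    The path is URL-decoded and parse_qs decodes the query, so
    'phome=%53howPHP%49nfo' is caught. The value is compared
    case-insensitively because the exact comparison in the vulnerable
    script is not known; the path is matched exactly (case-sensitive
    filesystem assumed)."""
    parts = urlsplit(target)
    if unquote(parts.path) != VULN_PATH:
        return False
    params = parse_qs(parts.query, keep_blank_values=True)
    values = {v.lower() for key, vals in params.items() if key.lower() == "phome" for v in vals}
    return "showphpinfo" in values


def scan(lines):
    """Return one dict per matching line. likely_success is True for a 200
    with a body over 10 kB (heuristic), consistent with phpinfo() output
    having been served; a 403/404 means the workaround blocked the attempt."""
    hits = []
    for line in lines:
        match = LOG_RE.match(line)
        if not match or not is_exploit_request(match["target"]):
            continue
        size = 0 if match["bytes"] == "-" else int(match["bytes"])
        hits.append({
            "ip": match["ip"],
            "time": match["time"],
            "status": int(match["status"]),
            "bytes": size,
            "likely_success": match["status"] == "200" and size > 10_000,
        })
    return hits


# Constructed sample log lines for this example (not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Aug/2024:12:00:01 +0000] "GET /3/E_bak5.1/upload/eginfo.php?phome=ShowPHPInfo HTTP/1.1" 200 68214 "-" "python-requests/2.31"',
    '203.0.113.5 - - [10/Aug/2024:12:00:07 +0000] "GET /3/E_bak5.1/upload/eginfo.php?phome=%53howPHP%49nfo HTTP/1.1" 200 68214 "-" "curl/8.4.0"',
    '198.51.100.9 - - [10/Aug/2024:12:01:00 +0000] "GET /3/E_bak5.1/upload/eginfo.php?phome=ShowPHPInfo HTTP/1.1" 403 199 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Aug/2024:12:01:05 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.77 - - [10/Aug/2024:12:02:00 +0000] "GET /3/E_bak5.1/upload/eginfo.php HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

On the sample, the two requests from 203.0.113.5 (one plain, one URL-encoded) are flagged as likely successful leaks, the 403 from 198.51.100.9 shows the workaround blocking an attempt, and the request to eginfo.php without the parameter is not reported. Feed real logs with `scan(open(path))` and treat any `likely_success` hit as a confirmed disclosure.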
