CVE-2025-50850

8.6 HIGH

📋 TL;DR

This vulnerability in CS Cart 4.18.3 allows attackers to perform brute-force attacks against vendor login pages due to missing CAPTCHA and rate limiting. Attackers can systematically guess credentials to gain unauthorized access to vendor accounts. All CS Cart installations using the vulnerable version are affected.

💻 Affected Systems

Products:
  • CS Cart
Versions: 4.18.3
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects vendor login functionality, not customer or admin logins.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of all vendor accounts leading to data theft, financial fraud, and unauthorized administrative actions within the e-commerce platform.

🟠 Likely Case

Unauthorized access to some vendor accounts resulting in data exposure, fraudulent transactions, and potential lateral movement within the system.

🟢 If Mitigated

Failed login attempts are logged and blocked after threshold, preventing account takeover while maintaining legitimate access.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple brute-force tools can exploit this vulnerability without special knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://cs.com

Restart Required: No

Instructions:

Check vendor website for security updates. If patch available, apply according to vendor instructions.

🔧 Temporary Workarounds

Implement Web Application Firewall (WAF) (platform: all)

Configure WAF rules to block excessive login attempts per source IP and have the WAF or CDN present a challenge (CAPTCHA) in front of the vendor login page before requests reach the application.

Add Rate Limiting via Apache mod_evasive (platform: linux)

Implement IP-based rate limiting for login endpoints using Apache mod_evasive or similar.

# mod_evasive directives belong in the main server or <VirtualHost> config,
# not in .htaccess (the module only registers them for server-config context),
# so put this block in the vhost that serves the store and reload Apache.
<IfModule mod_evasive20.c>
    # size of the per-child hash table tracking client addresses
    DOSHashTableSize 3097
    # block a client after more than 5 requests to the same URI in 2 seconds
    DOSPageCount 5
    DOSPageInterval 2
    # or after more than 100 requests to the whole site in 2 seconds
    DOSSiteCount 100
    DOSSiteInterval 2
    # blocked clients get 403 for 600 seconds; this counts all requests to the
    # URI, not only failed logins, so it slows automation but is no substitute
    # for CAPTCHA or account lockout
    DOSBlockingPeriod 600
</IfModule>

🧯 If You Can't Patch

  • Implement network-level rate limiting using firewall rules or load balancer
  • Enable multi-factor authentication for all vendor accounts

🔍 How to Verify

Check if Vulnerable:

Test vendor login page for absence of CAPTCHA and ability to submit multiple rapid login attempts without blocking.

Check Version:

Check the CS Cart admin panel or the installation's config files for the version string and compare it with 4.18.3.

Verify Fix Applied:

Verify CAPTCHA appears on vendor login and rapid failed attempts trigger temporary IP blocking.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts from same IP
  • Unusual vendor login patterns outside business hours
  • Successful vendor logins from new IPs/locations

Network Indicators:

  • High volume of POST requests to /vendor/login endpoint
  • Traffic patterns showing credential stuffing tools

SIEM Query:

source="web_logs" | search "POST /vendor/login" | stats count by src_ip | where count > 10
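As an added example that is not part of this advisory or of CS-Cart, the Python script below applies the log indicators above ("multiple failed login attempts from same IP" and "successful vendor logins" after such a burst) to constructed Apache combined-format access-log lines. It keeps a sliding window of failed POSTs to the login path per source IP, flags an IP once it exceeds the same threshold the SIEM query uses (more than 10), and separately flags a successful login that follows such a burst. The path /vendor/login is taken from the page; the HTTP status codes treated as failed (401/403) and successful (200/302) logins are assumptions and should be replaced with what the store actually returns for a known-bad and a known-good login.

```python
"""Flag brute-force patterns against a vendor login endpoint in web access logs.

Added example for the detection section; not code from the CVE record or from CS-Cart.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumptions: login path from the advisory; status codes that mean "login failed"
# and "login succeeded" must be checked against the store's real responses.
LOGIN_PATH = "/vendor/login"
FAILED_STATUSES = {401, 403}
SUCCESS_STATUSES = {200, 302}

# Constructed sample log lines (documentation IP ranges, no real hosts or users).
_BURST = [
    f'203.0.113.7 - - [10/Oct/2025:13:55:{sec:02d} +0000] '
    f'"POST /vendor/login HTTP/1.1" 401 512 "-" "python-requests/2.31"'
    for sec in range(2, 14)  # twelve failures in twelve seconds
]
SAMPLE_LOG = [
    '198.51.100.4 - - [10/Oct/2025:13:55:01 +0000] "GET /vendor/login HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    *_BURST,
    # the burst ends with a successful login from the same source
    '203.0.113.7 - - [10/Oct/2025:13:55:14 +0000] "POST /vendor/login HTTP/1.1" 302 0 "-" "python-requests/2.31"',
    # a normal vendor logging in once
    '198.51.100.4 - - [10/Oct/2025:13:55:20 +0000] "POST /vendor/login HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    # two typos minutes apart: below threshold, must not be flagged
    '192.0.2.9 - - [10/Oct/2025:13:55:30 +0000] "POST /vendor/login HTTP/1.1" 401 512 "-" "Mozilla/5.0"',
    '192.0.2.9 - - [10/Oct/2025:13:58:00 +0000] "POST /vendor/login HTTP/1.1" 401 512 "-" "Mozilla/5.0"',
    'not a log line',  # malformed input is skipped, not fatal
]

# Apache combined log format: ip ident user [timestamp] "METHOD path proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m["ip"],
        "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
        "method": m["method"],
        "path": m["path"].split("?", 1)[0],  # ignore query string
        "status": int(m["status"]),
    }


def detect_login_bruteforce(lines, threshold=10, window=timedelta(seconds=60)):
    """Return (flagged, suspicious_success).

    flagged: ip -> (timestamp, failure count) at the moment the ip first had more than
             `threshold` failed POSTs to LOGIN_PATH inside the sliding `window`.
    suspicious_success: [(ip, timestamp)] for successful POSTs that arrived while the
             ip still had at least `threshold` failures in the window (possible takeover).
    """
    recent = defaultdict(deque)  # ip -> timestamps of recent failed attempts
    flagged = {}
    suspicious_success = []
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["method"] != "POST" or ev["path"] != LOGIN_PATH:
            continue
        q = recent[ev["ip"]]
        while q and ev["ts"] - q[0] > window:  # expire attempts outside the window
            q.popleft()
        if ev["status"] in FAILED_STATUSES:
            q.append(ev["ts"])
            if len(q) > threshold and ev["ip"] not in flagged:
                flagged[ev["ip"]] = (ev["ts"], len(q))
        elif ev["status"] in SUCCESS_STATUSES and len(q) >= threshold:
            suspicious_success.append((ev["ip"], ev["ts"]))
    return flagged, suspicious_success


if __name__ == "__main__":
    flagged, successes = detect_login_bruteforce(SAMPLE_LOG)
    for ip, (ts, n) in flagged.items():
        print(f"brute-force: {ip} reached {n} failed logins by {ts.isoformat()}")
    for ip, ts in successes:
        print(f"possible takeover: {ip} logged in at {ts.isoformat()} after a failure burst")
```

Because the window is a deque of timestamps per IP, the same function works on a streamed log tail as well as on a file, and the slow, low-volume attempts from 192.0.2.9 stay below threshold, which is the limitation the SIEM query above shares: both catch fast automation, not a patient distributed attempt, so the "successful login from a new IP" indicator still needs separate coverage.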
