CVE-2012-5450

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2012-5450 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The original article can be found at: https://www.htbridge.com/advisory/HTB23121

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2012-5450

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* CMS Made Simple 1.11.2

1. Cross-Site Request Forgery (CSRF) in CMS Made Simple: CVE-2012-5450

The application allows authorized administrator to perform certain actions via HTTP requests without making proper
validity checks to verify the source of the requests. This can be exploited to delete arbitrary files and directories.

An attacker should make logged-in administrator open a malicious link in the browser to exploit this vulnerability.

The following PoC (Proof of Concept) code will delete the root directory with all files leading to complete destroy of
the CMS:

http://[host]/lib/filemanager/imagemanager/images.php?deld=../../
<img src="http://[host]/lib/filemanager/imagemanager/images.php?deld=../../"; width=1 height=1>

Successful exploitation requires that user under which the web server is running has write access to files or
directories to delete.

Patch Availability:
http://forum.cmsmadesimple.org/viewtopic.php?f=1&t=63545

CVE Information:
CVE-2012-5450

Disclosure Timeline:
Vendor Notification: October 17, 2012
Public Disclosure: November 7, 2012

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus