DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /src/dede/makehtml_homepage.php allowing a remote attacker to execute arbitrary code.
An attacker can construct a malicious HTTP request directed at the /src/dede/makehtml_homepage.php component and trick a logged-in user (e.g., administrator) into executing it unknowingly. The lack of proper origin verification mechanisms allows a CSRF attack to be carried out, resulting in arbitrary code execution on the server side. The attacker does not need to possess any privileges or require interaction other than convincing the victim to visit a malicious page.
Successful exploitation of the vulnerability allows an attacker to execute arbitrary code remotely (RCE) on the server, which may lead to complete takeover of the application, data disclosure, or data modification.
Patches available from the vendor should be applied according to the references. It is also recommended to implement CSRF protection mechanisms (CSRF tokens) and restrict access to the admin panel to trusted IP addresses.
DedeCMS v5.7 — /src/dede/makehtml_homepage.php component
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDedecms
APPDedecms5.7
Related vulnerabilities
DedeCMS 5.7.118 — zdalne wykonanie kodu przez upload modułu (RCE)
RCE w DedeCMS poprzez komponent array_filter
DedeCMS – arbitrary file upload umożliwiający RCE
DedeCMS 5.7.114 — arbitrary file upload w panelu administracyjnym
DedeCMS – nieautoryzowane usunięcie dowolnego pliku przez mail_file_manage.php