← Advisories

Snowfox CMS v1.0 CSRF Add Admin Exploit

Medium
Advisory ID
ZSL-2014-5205
Release Date
18 November 2014
Vendor
Globiz Solutions - http://www.snowfoxcms.org
Affected Version
1.0
CVE
CVE-2014-9344
Tested On
Apache/2.4.7 (Win32), PHP/5.5.6, MySQL 5.6.14
Summary

Snowfox is an open source Content Management System (CMS) that allows your website users to create and share content based on permission configurations.

Description

Snowfox CMS suffers from a cross-site request forgery vulnerabilities. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

Proof of Concept
snowfox_csrf.htmlTXT
Disclosure Timeline
20.11.2014Vendor releases version 1.0.10 to address this issue.
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]http://cxsecurity.com/issue/WLB-2014110126
[2]http://packetstormsecurity.com/files/129164
[3]http://www.securityfocus.com/bid/71175
[4]http://www.exploit-db.com/exploits/35301/
[5]http://xforce.iss.net/xforce/xfdb/98815
[6]http://osvdb.org/show/osvdb/114819
[7]https://github.com/GlobizSolutions/snowfox/releases
[8]http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9344
[9]http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9344
Changelog
18.11.2014Initial release
19.11.2014Added reference [1], [2] and [3]
20.11.2014Added vendor status and reference [4], [5], [6] and [7]
09.12.2014Added reference [8] and [9]