CVE-2024-0880: CWE-352 Cross-Site Request Forgery in Qidianbang qdbcrm
A vulnerability was found in Qidianbang qdbcrm 1.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/edit?id=2 of the component Password Reset. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252032. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2024-0880 is a Cross-Site Request Forgery (CSRF) vulnerability in Qidianbang qdbcrm version 1.1.0, classified under CWE-352. It affects the password reset function reached through /user/edit?id=2. In a CSRF attack nothing is stolen from the victim directly: a page under the attacker's control, or a link in a phishing mail, makes the victim's browser submit a request to the CRM, and the browser attaches the victim's session cookie to that request automatically. Because the affected request is not bound to the user's session by an unpredictable anti-CSRF token (or an equivalent check such as Origin/Referer validation), the server cannot tell the forged submission apart from one the user made on the CRM's own edit page. The id parameter selects the user record being edited, so a forged request can be aimed at a specific account, subject to whatever authorisation the application applies to the logged-in victim. The CVSS 3.1 base score is 4.3 (medium): network attack vector (AV:N), no privileges required (PR:N), user interaction required (UI:R), and a low integrity impact (I:L) with no direct confidentiality or availability impact. That score rates the forged request itself; a password change that hands the account to the attacker is a more serious outcome in practice. A public proof of concept has been disclosed, no in-the-wild exploitation has been reported, the vendor did not respond to the disclosure, and no patched version is known, so organisations running qdbcrm 1.1.0 remain exposed to account takeover through the password reset component and to whatever further access the taken-over account permits within the CRM.
Potential Impact
For European organizations running qdbcrm 1.1.0 the direct risk is to the integrity of user accounts and therefore to the CRM's authentication. A successful attack changes a user's password without their consent; the attacker then logs in as that user and reaches whatever customer records, pipeline data and internal notes the account can see. That follow-on access is where the confidentiality harm arises, even though the CVSS vector scores only the integrity of the forged request, and it brings GDPR obligations with it, since unauthorised access to or modification of personal data may be a notifiable breach and may enable further movement inside the organisation's systems. The user-interaction requirement does not enlarge the attack surface; it means the attacker needs a logged-in CRM user to open a crafted page or mail, so phishing is the expected delivery route, and the victim typically notices nothing at the time (the first sign is often being unable to log in). With no vendor response and no patch, the risk persists until the organisation applies compensating controls or replaces the product.
Mitigation Recommendations
European organizations should apply the following compensating controls for CVE-2024-0880 until a fixed release exists: 1) At the reverse proxy or WAF in front of the CRM, reject state-changing requests (POST/PUT) to /user/edit whose Origin header (or, failing that, Referer) is not the CRM's own origin, or whose Sec-Fetch-Site header is cross-site; a proxy cannot validate an anti-CSRF token the application never issued, so this header check is the realistic perimeter control. 2) Set the session cookie with SameSite=Lax (or Strict) and Secure, at the proxy if the application cannot do it; browsers then omit the cookie from cross-site POSTs, which defeats the classic forged form (Strict may break links from e-mail into the CRM; Lax still blocks cross-site POST). Note that Content Security Policy does not help here: CSP governs what the CRM's own pages may load, not what an attacker's page may submit to the CRM. 3) Train users that a password they did not change, or a sudden logout, must be reported at once. 4) Where feasible, restrict /user/edit to the internal network or VPN, or disable self-service password changes until a fix exists; if the source can be modified, add a per-session anti-CSRF token and require the current password on the change form. 5) Review access logs for POSTs to /user/edit with a missing or foreign Referer, and alert on password changes not preceded by a fresh login from the same session; CSRF produces successful changes, not failed attempts, so failure counts are the wrong signal. 6) Require MFA for CRM logins so that a changed password alone does not give the attacker access. 7) Track Qidianbang's channels for a fix and plan the upgrade; if none appears, factor product replacement into the risk decision.
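The forged-request mechanism from the technical summary and the header and log checks from recommendations 1) and 5) above, worked through as an added example. This is illustrative code written for this page, not qdbcrm's code and not derived from its source. It models a gate in front of the application and uses assumed values throughout: the origin crm.example.internal, a session cookie named session, a form field _csrf, an HMAC secret, and constructed request dictionaries and access-log lines. Only the path /user/edit comes from the advisory; the form field names password and password2 are assumptions.

```python
"""CSRF gate and log check for a password-change endpoint (illustrative, not qdbcrm code)."""
import hashlib
import hmac
import re
from urllib.parse import urlsplit

SITE_ORIGIN = "https://crm.example.internal"      # assumption: the CRM's own origin
PROTECTED_PATHS = ("/user/edit",)                 # endpoint named in the advisory
SESSION_COOKIE = "session"                        # assumption: session cookie name
SECRET_KEY = b"replace-with-a-per-deployment-random-secret"  # assumption


def issue_token(session_id: str) -> str:
    """Synchronizer token bound to the session via HMAC, so nothing is stored server-side."""
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def _origin_of(url: str) -> str:
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}"


def csrf_verdict(method, path, headers, cookies, form):
    """Return (allowed, reason) for one request.

    Layers 1 and 2 (Sec-Fetch-Site, Origin/Referer) are what a proxy can enforce
    without touching the application. Layer 3 (the token) is the application-side
    fix. Safe methods pass; an app that changes passwords on GET needs a code fix.
    """
    if method.upper() in ("GET", "HEAD", "OPTIONS"):
        return True, "safe method"
    if not path.split("?", 1)[0].startswith(PROTECTED_PATHS):
        return True, "unprotected path"
    h = {k.lower(): v for k, v in headers.items()}
    site = h.get("sec-fetch-site")               # modern browsers label cross-site submits
    if site is not None and site not in ("same-origin", "none"):
        return False, f"Sec-Fetch-Site={site}"
    source = h.get("origin")
    if not source and h.get("referer"):
        source = _origin_of(h["referer"])
    if not source:                               # fail closed when both headers are absent
        return False, "no Origin or Referer"
    if source != SITE_ORIGIN:
        return False, f"foreign origin {source}"
    sid = cookies.get(SESSION_COOKIE)
    token = form.get("_csrf", "")
    if not sid or not hmac.compare_digest(token, issue_token(sid)):
        return False, "missing or invalid CSRF token"
    return True, "ok"


VICTIM_SESSION = "c0ffee"  # constructed session id
# Constructed: what the victim's browser sends after an auto-submitting form on the
# attacker's page posts to the CRM. The session cookie rides along automatically.
FORGED = dict(
    method="POST", path="/user/edit?id=2",
    headers={"Origin": "https://attacker.example",
             "Referer": "https://attacker.example/lure.html",
             "Sec-Fetch-Site": "cross-site"},
    cookies={SESSION_COOKIE: VICTIM_SESSION},
    form={"password": "attacker-chosen", "password2": "attacker-chosen"},
)
# Constructed: the same change submitted from the CRM's own edit page, with a token.
LEGIT = dict(
    method="POST", path="/user/edit?id=2",
    headers={"Origin": SITE_ORIGIN, "Sec-Fetch-Site": "same-origin"},
    cookies={SESSION_COOKIE: VICTIM_SESSION},
    form={"password": "new-pass", "password2": "new-pass",
          "_csrf": issue_token(VICTIM_SESSION)},
)
# Constructed: client sends neither Origin nor Referer (old browser or no-referrer policy).
HEADERLESS = dict(method="POST", path="/user/edit?id=2", headers={},
                  cookies={SESSION_COOKIE: VICTIM_SESSION}, form={"password": "x"})

# Combined log format: "METHOD PATH PROTO" STATUS BYTES "REFERER" ...
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ "(?P<referer>[^"]*)"')


def suspicious_password_changes(log_lines):
    """Flag POSTs to protected paths whose Referer is absent or not the CRM's origin."""
    hits = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m or m["method"] != "POST":
            continue
        if not m["path"].split("?", 1)[0].startswith(PROTECTED_PATHS):
            continue
        ref = m["referer"]
        if ref in ("", "-") or _origin_of(ref) != SITE_ORIGIN:
            hits.append((m["path"], ref))
    return hits


SAMPLE_LOG = [  # constructed access-log lines
    '10.0.0.5 - - [25/Jan/2024:12:52:00 +0000] "GET /user/edit?id=2 HTTP/1.1" 200 812 "https://crm.example.internal/user/list" "Mozilla/5.0"',
    '10.0.0.5 - - [25/Jan/2024:12:52:09 +0000] "POST /user/edit?id=2 HTTP/1.1" 302 0 "https://crm.example.internal/user/edit?id=2" "Mozilla/5.0"',
    '10.0.0.5 - - [25/Jan/2024:13:10:41 +0000] "POST /user/edit?id=2 HTTP/1.1" 302 0 "https://attacker.example/lure.html" "Mozilla/5.0"',
    '10.0.0.7 - - [25/Jan/2024:13:11:02 +0000] "POST /user/edit?id=3 HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for name, req in (("forged", FORGED), ("legit", LEGIT), ("headerless", HEADERLESS)):
        print(name, csrf_verdict(**req))
    print("suspicious:", suspicious_password_changes(SAMPLE_LOG))
```

The forged request is refused at the first layer because the browser itself labels it cross-site; the headerless request is refused because the gate fails closed, which is the right default for a password-change path even though it may reject some unusual legitimate clients. The token check is what the application fix looks like: without the secret-derived _csrf value the attacker's page cannot build a request that passes, whatever headers it manages to set.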
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
Technical Details
Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2024-01-25T12:52:00.394Z
CVSS Version: 3.1
State: PUBLISHED
Threat ID: 683f3ee7182aa0cae28796d6
Added to database: 6/3/2025, 6:28:55 PM
Last enriched: 7/4/2025, 12:41:59 PM
Last updated: 8/14/2025, 5:15:47 AM