
CVE-2024-0880: CWE-352 Cross-Site Request Forgery in Qidianbang qdbcrm

Medium
Tags: Vulnerability, CVE-2024-0880, cve, cwe-352
Published: Thu Jan 25 2024 (01/25/2024, 17:31:04 UTC)
Source: CVE Database V5
Vendor/Project: Qidianbang
Product: qdbcrm

Description

A vulnerability was found in Qidianbang qdbcrm 1.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/edit?id=2 of the component Password Reset. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252032. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

AI-Powered Analysis

AI analysis last updated: 07/04/2025, 12:41:59 UTC

Technical Analysis

CVE-2024-0880 is a Cross-Site Request Forgery (CSRF) vulnerability identified in Qidianbang's qdbcrm version 1.1.0. The vulnerability affects the password reset functionality accessible via the endpoint /user/edit?id=2. CSRF vulnerabilities allow an attacker to trick an authenticated user into submitting a forged request to a web application in which they are currently authenticated, potentially causing unauthorized actions without the user's consent. In this case, the vulnerability could allow a remote attacker to manipulate password reset operations by exploiting the lack of proper CSRF protections, such as missing or ineffective anti-CSRF tokens. The vulnerability is classified under CWE-352, indicating a failure to implement adequate CSRF defenses. The CVSS 3.1 base score is 4.3 (medium severity), reflecting that the attack vector is network-based (AV:N), requires no privileges (PR:N), but does require user interaction (UI:R), and impacts integrity (I:L) without affecting confidentiality or availability. The vendor has been contacted but has not responded or issued a patch, and no known exploits are currently in the wild, though public disclosure exists. This leaves organizations using qdbcrm 1.1.0 exposed to potential CSRF attacks that could alter user credentials or other sensitive settings via the password reset component, undermining account integrity and potentially enabling further unauthorized access or privilege escalation within the CRM system.
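To make the CWE-352 pattern concrete, here is an added illustration (not qdbcrm code, and not from the advisory) of a password-edit handler that trusts the session cookie alone, beside a hardened version that also checks the request's Origin/Referer and a per-session synchronizer token; the origin `https://crm.example.internal` and the `_csrf` field name are assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Assumed deployment origin of the CRM; not a value from the advisory.
TRUSTED_ORIGIN = "https://crm.example.internal"

@dataclass
class Session:
    """Server-side session; the anti-CSRF token is minted once per session."""
    user_id: int
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))

@dataclass
class Request:
    method: str
    path: str
    form: dict
    headers: dict
    session: Session  # resolved from the cookie the browser attached

def is_password_edit(req):
    return req.method == "POST" and req.path.startswith("/user/edit")

def vulnerable_edit(req):
    """CWE-352 pattern: the session cookie alone authorises the change, and the
    browser attaches that cookie to a form posted from any other site."""
    if not is_password_edit(req):
        return 405
    return 200  # the password for form["id"] would be changed here

def hardened_edit(req):
    if not is_password_edit(req):
        return 405
    # Check 1: Origin (Referer as fallback) must be the CRM itself.
    origin = req.headers.get("Origin") or req.headers.get("Referer", "")
    if origin != TRUSTED_ORIGIN and not origin.startswith(TRUSTED_ORIGIN + "/"):
        return 403
    # Check 2: the hidden form token must match the session's token;
    # constant-time comparison so the token is not leaked via timing.
    if not hmac.compare_digest(req.form.get("_csrf", ""), req.session.csrf_token):
        return 403
    return 200

def demo():
    """Constructed requests: one legitimate, one forged from another site."""
    sess = Session(user_id=2)
    legit = Request("POST", "/user/edit?id=2", {"id": "2", "_csrf": sess.csrf_token},
                    {"Origin": TRUSTED_ORIGIN}, sess)
    forged = Request("POST", "/user/edit?id=2", {"id": "2"},
                     {"Origin": "https://attacker.example"}, sess)
    return vulnerable_edit(forged), hardened_edit(forged), hardened_edit(legit)
```

`demo()` returns `(200, 403, 200)`: the unprotected handler accepts the forged post, the hardened one rejects it and still accepts the user's own.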

Potential Impact

For European organizations using Qidianbang qdbcrm 1.1.0, this vulnerability poses a risk primarily to the integrity of user accounts and the CRM system's authentication mechanisms. Successful exploitation could allow attackers to reset passwords or modify user credentials without authorization, potentially leading to unauthorized access to sensitive customer data, business intelligence, or internal communications stored within the CRM. This could result in data breaches, loss of customer trust, and regulatory compliance issues under GDPR due to unauthorized access or modification of personal data. While the vulnerability does not directly impact confidentiality or availability, the indirect consequences of compromised accounts could be significant, including lateral movement within corporate networks or data exfiltration. The requirement for user interaction means phishing or social engineering campaigns could be used to trigger the exploit, increasing the attack surface. The lack of vendor response and patch availability further exacerbates the risk, as organizations must rely on compensating controls until an official fix is released.

Mitigation Recommendations

European organizations should implement several specific mitigations to reduce risk from CVE-2024-0880:

1) Employ web application firewalls (WAFs) with custom rules to detect and block suspicious CSRF-like requests targeting the /user/edit endpoint, especially those lacking valid CSRF tokens or originating from untrusted sources.
2) Enforce strict Content Security Policy (CSP) headers to limit the domains from which scripts and requests can be executed, reducing the likelihood of successful CSRF attacks.
3) Educate users about phishing and social engineering risks to minimize user interaction exploitation vectors.
4) If possible, disable or restrict the vulnerable password reset functionality until a patch is available, or implement additional server-side validation to verify the legitimacy of password reset requests.
5) Monitor logs for unusual password reset activity or multiple failed attempts that could indicate exploitation attempts.
6) Consider deploying multi-factor authentication (MFA) for CRM access to mitigate the impact of compromised credentials resulting from CSRF attacks.
7) Engage with Qidianbang or community forums for updates or unofficial patches and plan for timely upgrades once a fix is released.
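As an added example of the log monitoring in item 5 (not part of the advisory, and not a qdbcrm feature), the check below parses constructed web-server access-log lines in combined format and flags POSTs to /user/edit whose Referer is absent or points outside the CRM host; the hostname `crm.example.internal` and the log lines are assumptions.

```python
import re

# Assumed CRM hostname; substitute the real deployment host.
TRUSTED_HOST = "crm.example.internal"

# Constructed sample lines in Apache/Nginx "combined" format, not real qdbcrm logs.
SAMPLE_LOG = """\
10.0.0.5 - alice [04/Jul/2025:12:00:01 +0000] "POST /user/edit?id=2 HTTP/1.1" 302 0 "https://crm.example.internal/user/edit?id=2" "Mozilla/5.0"
10.0.0.9 - bob [04/Jul/2025:12:05:10 +0000] "POST /user/edit?id=2 HTTP/1.1" 302 0 "https://attacker.example/lure.html" "Mozilla/5.0"
10.0.0.9 - bob [04/Jul/2025:12:05:11 +0000] "POST /user/edit?id=2 HTTP/1.1" 302 0 "-" "Mozilla/5.0"
10.0.0.5 - alice [04/Jul/2025:12:06:00 +0000] "GET /user/edit?id=2 HTTP/1.1" 200 1843 "https://crm.example.internal/" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" '
)

def parse_line(line):
    m = LINE_RE.match(line)
    return m.groupdict() if m else None

def is_trusted_referer(referer):
    return referer.startswith(f"https://{TRUSTED_HOST}/")

def find_suspicious_edits(log_text):
    """Return (user, path, reason) for state-changing /user/edit requests that
    did not come from a CRM page. A missing Referer is a weaker signal than a
    foreign one (browser privacy settings strip it), so the reason is recorded."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["method"] != "POST" or not rec["path"].startswith("/user/edit"):
            continue
        if is_trusted_referer(rec["referer"]):
            continue
        reason = "missing referer" if rec["referer"] == "-" else f"cross-site referer {rec['referer']}"
        findings.append((rec["user"], rec["path"], reason))
    return findings
```

Run `find_suspicious_edits(SAMPLE_LOG)` against the sample to see the two posts by bob flagged; feed it the real access log to triage password-edit requests.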


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2024-01-25T12:52:00.394Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 683f3ee7182aa0cae28796d6

Added to database: 6/3/2025, 6:28:55 PM

Last enriched: 7/4/2025, 12:41:59 PM

Last updated: 8/14/2025, 5:15:47 AM
