CVE-2024-52771 identifies a critical security vulnerability in DedeBIZ version 6.3.0, a content management system widely used for website administration. The vulnerability resides in the /admin/file_manage_view component, which improperly restricts file path inputs, allowing attackers to perform arbitrary file deletion on the server. This is a classic example of CWE-22, where insufficient validation of user-supplied file paths enables directory traversal attacks. The vulnerability can be exploited remotely without any authentication or user interaction, making it highly accessible to attackers. Successful exploitation results in the deletion of arbitrary files, which can compromise the integrity and availability of the affected system. This could lead to denial of service conditions, loss of critical data, or disruption of website functionality. The CVSS v3.1 score of 9.1 reflects the vulnerability's high impact on integrity and availability, combined with its low attack complexity and no required privileges. Although no public exploits have been reported yet, the critical nature and ease of exploitation make it a prime target for attackers once exploit code becomes available. No official patches or updates have been released at the time of this report, necessitating immediate mitigation efforts by administrators. The vulnerability's presence in a popular CMS component suggests a broad potential attack surface, especially in regions where DedeBIZ is commonly deployed. Organizations should conduct thorough audits of their DedeBIZ installations and monitor for suspicious activity related to file management endpoints.

The arbitrary file deletion vulnerability in DedeBIZ 6.3.0 poses a severe risk to organizations relying on this CMS for website and content management. Exploitation can lead to deletion of critical files, including configuration files, application data, or system files, resulting in service outages and data loss. This compromises system integrity and availability, potentially causing prolonged downtime and costly recovery efforts. Attackers can disrupt business operations, deface websites, or remove security controls by deleting key files. Since the vulnerability requires no authentication and no user interaction, it can be exploited by remote attackers at scale, increasing the risk of widespread attacks. The lack of patches further exacerbates the threat, leaving organizations exposed until mitigations or updates are applied. The impact extends beyond individual organizations to their customers and users, potentially damaging reputation and trust. Industries with high reliance on web presence, such as e-commerce, media, and government services, are particularly vulnerable. The vulnerability also raises concerns about supply chain security if compromised sites serve as vectors for further attacks.

Until an official patch is released, organizations should implement several specific mitigations to reduce risk. First, restrict access to the /admin/file_manage_view endpoint using network-level controls such as IP whitelisting or VPN access to limit exposure to trusted administrators only. Employ web application firewalls (WAFs) with custom rules to detect and block directory traversal patterns and suspicious file deletion requests targeting this component. Conduct thorough input validation and sanitization on all file path parameters if custom modifications are possible. Regularly back up critical files and system configurations to enable rapid recovery in case of file deletion. Monitor server logs and file system changes for unusual activity indicative of exploitation attempts. Consider deploying intrusion detection systems (IDS) tuned to detect exploitation signatures related to CWE-22 attacks. Engage with the DedeBIZ vendor or community to obtain updates and patches promptly once available. Finally, educate administrators about the risks and signs of exploitation to enhance incident response readiness.