Platform
php
Component
redaxo
Fixed in
5.2.1
CVE-2016-20053 describes a cross-site request forgery (CSRF) vulnerability present in Redaxo CMS versions 5.2 through 5.2. This vulnerability allows an attacker to create unauthorized administrative user accounts by deceiving authenticated administrators into visiting specially crafted malicious web pages. The impact can be significant, granting attackers privileged access to the CMS and potentially compromising the entire website. A fix is available; upgrading to a patched version is the recommended solution.
The primary impact of CVE-2016-20053 is the unauthorized creation of administrative user accounts. An attacker can craft HTML forms targeting the users endpoint, embedding hidden fields containing the necessary credentials and account parameters. By tricking an authenticated administrator into visiting a page containing this malicious form, the attacker can effectively add a new administrator account without the administrator's knowledge or consent. This grants the attacker full administrative privileges, enabling them to modify content, install malicious code, and potentially compromise the entire Redaxo CMS installation. The blast radius extends to all data and functionality accessible through the CMS, including sensitive user information and critical website configurations.
CVE-2016-20053 was published on 2026-04-04. Public proof-of-concept exploits are not widely known. The vulnerability's relatively simple nature suggests it could be exploited in targeted attacks. It is not currently listed on the CISA KEV catalog. The impact is moderate due to the need to trick an authenticated administrator, but the potential consequences of successful exploitation are severe.
Websites and applications relying on Redaxo CMS versions 5.2–5.2 are at risk. This includes organizations with limited security expertise or those who have not regularly updated their CMS installations. Shared hosting environments using Redaxo CMS are particularly vulnerable, as attackers could potentially compromise multiple websites from a single point of entry.
• php / web: Request the users endpoint with the account parameters in the query string and inspect the response headers:
  curl -I 'http://example.com/users?admin_username=attacker&admin_password=password'
• php / web: Examine access logs for suspicious requests to the /users endpoint with POST data containing admin_username and admin_password parameters.
• php / web: Review Redaxo CMS configuration files for any insecure settings related to user creation or authentication.
• generic web: Monitor for new administrative user accounts created without proper authorization.
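The log review suggested above can be scripted. The following is an added example, not code from the advisory or from the Redaxo project: it parses Apache/nginx "combined" access-log lines and flags requests to the users endpoint that carry admin_username/admin_password in the query string or that are state-changing POSTs whose Referer is missing or belongs to a foreign origin (the signature of a form submitted from an attacker-controlled page). The host name, the /users path, and the log lines are constructed assumptions; adjust them to the deployment.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Apache/nginx "combined" format; only the request line, status, referer and
# user-agent fields are needed for this heuristic.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

SITE_HOST = "example.com"       # assumption: host the CMS backend is served from
USERS_PATH = "/users"           # assumption: users endpoint as named in the advisory
SUSPECT_PARAMS = {"admin_username", "admin_password"}


def parse_line(line):
    """Return the log fields as a dict, or None for lines that do not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify(rec):
    """Return the reasons a record looks like a cross-site account creation."""
    reasons = []
    url = urlsplit(rec["target"])
    if not url.path.startswith(USERS_PATH):
        return reasons
    if set(parse_qs(url.query)) & SUSPECT_PARAMS:
        reasons.append("admin credentials passed in query string")
    if rec["method"] == "POST":
        ref = rec["referer"]
        if ref in ("-", ""):
            reasons.append("state-changing POST without Referer")
        elif urlsplit(ref).hostname != SITE_HOST:
            reasons.append(f"state-changing POST referred from foreign origin {urlsplit(ref).hostname}")
    return reasons


def scan(lines):
    """Return (ip, method, target, reasons) for every suspicious record."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        reasons = classify(rec)
        if reasons:
            findings.append((rec["ip"], rec["method"], rec["target"], reasons))
    return findings


# Constructed sample log: two benign records followed by three that should fire.
SAMPLE_LOG = [
    '203.0.113.5 - - [04/Apr/2026:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [04/Apr/2026:10:02:13 +0000] "POST /users HTTP/1.1" 302 0 "https://example.com/users" "Mozilla/5.0"',
    '198.51.100.7 - - [04/Apr/2026:10:05:44 +0000] "POST /users HTTP/1.1" 302 0 "http://evil.invalid/lure.html" "Mozilla/5.0"',
    '203.0.113.9 - - [04/Apr/2026:10:06:01 +0000] "GET /users?admin_username=attacker&admin_password=password HTTP/1.1" 200 812 "-" "curl/8.0"',
    '198.51.100.7 - - [04/Apr/2026:10:07:30 +0000] "POST /users HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, method, target, reasons in scan(SAMPLE_LOG):
        print(f"{ip} {method} {target}: {'; '.join(reasons)}")
```

POST bodies are not written to standard access logs, so the credentials themselves are only visible when they travel in the query string; the Referer-based signals are the practical substitute, and a missing Referer is a weak indicator on its own (privacy extensions and a strict Referrer-Policy suppress it), so treat those hits as candidates to correlate with the CMS user table rather than as confirmed exploitation.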
Exploit status: disclosure
EPSS: 0.02% (6th percentile)
CISA SSVC:
CVSS vector:
The primary mitigation for CVE-2016-20053 is to upgrade Redaxo CMS to a version that includes the security patch. Unfortunately, the specific fixed version is not provided. If upgrading immediately is not feasible, consider temporary workarounds such as strict input validation on the users endpoint to prevent malicious data from being submitted. Additionally, consider using a Web Application Firewall (WAF) with CSRF protection rules to filter out malicious requests. Regularly review user accounts and permissions to identify any unauthorized accounts that may have been created.
Update Redaxo CMS to a fixed version. Consult the official Redaxo documentation for specific instructions on how to update and apply security patches.
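The control that actually closes a CSRF hole is a per-session anti-forgery token on every state-changing request, backed by an Origin/Referer check. The following is an added illustration of that pattern in Python; it is not Redaxo's code and makes no claim about how the 5.2.1 patch is implemented. The site origin, the secret key, the session identifiers and the form field names are constructed assumptions.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

SITE_ORIGIN = "https://example.com"   # assumption: origin the CMS backend is served from
SECRET_KEY = secrets.token_bytes(32)  # per-deployment secret; generated here for the demo


def issue_token(session_id: str) -> str:
    """Synchronizer token: a random nonce bound to the session with an HMAC,
    so a token minted for one session is useless in another."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(SECRET_KEY, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def verify_token(session_id: str, token: str) -> bool:
    """Recompute the MAC for this session and compare in constant time."""
    try:
        nonce, mac = token.split(".", 1)
    except ValueError:
        return False
    expected = hmac.new(SECRET_KEY, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, mac)


def origin_allowed(headers: dict) -> bool:
    """Defense in depth: a form submitted from an attacker's page carries the
    attacker's Origin (or a foreign Referer); reject before even reading the token."""
    origin = headers.get("Origin")
    if origin is not None:
        return origin == SITE_ORIGIN
    referer = headers.get("Referer")
    if referer is None:
        return False  # no provenance at all: refuse the state change
    u = urlsplit(referer)
    return f"{u.scheme}://{u.netloc}" == SITE_ORIGIN


def handle_create_user(session_id: str, headers: dict, form: dict):
    """Model of the users endpoint: return (accepted, reason) for a POST."""
    if not origin_allowed(headers):
        return False, "cross-site request rejected"
    if not verify_token(session_id, form.get("csrf_token", "")):
        return False, "missing or invalid CSRF token"
    return True, f"user {form['login']} created"


if __name__ == "__main__":
    tok = issue_token("sess-A")
    print(handle_create_user("sess-A", {"Origin": SITE_ORIGIN},
                             {"login": "newadmin", "csrf_token": tok}))
    print(handle_create_user("sess-A", {"Origin": "http://evil.invalid"},
                             {"login": "newadmin", "csrf_token": tok}))
```

The token must be embedded in the CMS's own forms and never accepted from a query string or a cookie alone; the Origin check is cheap and independent of application state, which is why WAF CSRF rules typically implement exactly that header comparison.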
CVE-2016-20053 is a cross-site request forgery vulnerability in Redaxo CMS versions 5.2–5.2, allowing attackers to create admin accounts without consent.
If you are running Redaxo CMS version 5.2, you are potentially affected by this vulnerability. Upgrade to a patched version as soon as possible.
The recommended fix is to upgrade Redaxo CMS to a version that includes the security patch. Consult the Redaxo CMS documentation for upgrade instructions.
While widespread exploitation is not confirmed, the vulnerability's simplicity suggests it could be targeted by attackers. Maintain vigilance and implement mitigations.
Refer to the Redaxo CMS security advisories on their official website for the latest information and updates regarding this vulnerability.