thinkcmf v5.17 unauthorized vulnerability #722

Closed
@Swagtimeao

Description

An unauthorized-access vulnerability was found in thinkcmf v5.17. An attacker can modify the password of the administrator account with id 1 through the back-end user management group permissions. The precondition is that the attacker holds back-end user management group authority. By default, the password of the administrator account with id 1 cannot be modified.

Vulnerable file: /public/plugins/portal/controller/AdminRbacController.php

Access /admin/user/edit/id/1.html in the browser and modify the password of the administrator account with id 1.
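The missing check the report describes is an object-level authorization rule: holding the user-management permission must not be enough to edit the built-in super administrator. The guard below is an added example (not ThinkCMF's own code) of such a rule; it assumes PHP 8+, that the protected account is user id 1 as in the report, and that `canEditUser()` is called from the edit action after the normal RBAC lookup.

```php
<?php
// Added example, not ThinkCMF code: authorization guard for an admin
// "edit user" action. Assumption: the super administrator is user id 1.
declare(strict_types=1);

const SUPER_ADMIN_ID = 1; // assumed id of the protected account

/**
 * Decide whether the logged-in admin $actorId may edit account $targetId.
 * $hasUserManagePerm is the result of the regular RBAC check for the
 * "user management" permission group.
 */
function canEditUser(int $actorId, int $targetId, bool $hasUserManagePerm): bool
{
    // Anyone may edit their own account (the super admin included).
    if ($actorId === $targetId) {
        return true;
    }
    // The super administrator is never editable by another account,
    // whatever group permissions that account holds. This is the
    // object-level check the vulnerable action lacks.
    if ($targetId === SUPER_ADMIN_ID) {
        return false;
    }
    // Any other target: fall back to the group permission.
    return $hasUserManagePerm;
}

/** Normalize a route parameter such as "1" to a positive int, or null if invalid. */
function parseUserId(mixed $raw): ?int
{
    if (is_int($raw)) {
        return $raw > 0 ? $raw : null;
    }
    if (is_string($raw) && ctype_digit($raw)) {
        $id = (int) $raw;
        return $id > 0 ? $id : null;
    }
    return null;
}

// Hypothetical controller usage (names are assumptions):
//   $target = parseUserId($request->param('id'));
//   if ($target === null || !canEditUser($currentAdminId, $target, $rbacAllowed)) { /* 403 */ }

// Constructed self-checks (need zend.assertions=1 to be evaluated).
assert(canEditUser(1, 1, true) === true);   // super admin edits own account
assert(canEditUser(7, 1, true) === false);  // group member cannot touch id 1
assert(canEditUser(7, 9, true) === true);   // ordinary edit allowed with permission
assert(canEditUser(7, 9, false) === false); // no permission, no edit
assert(parseUserId('1') === 1 && parseUserId('abc') === null && parseUserId(0) === null);
```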
