CVERadar

CVE-2024-57241

High Severity
Dedecms
SVRS: 61/100
CVSSv3: 6.5/10
EPSS: 0.0305/1

CVE-2024-57241 is an open redirect in Dedecms: a logic error in the handling of a GET request means the application never validates the redirect target it receives, so a crafted URL sends the visitor to an arbitrary, attacker-chosen site. It affects Dedecms 5.71sp1 and earlier. The SOCRadar Vulnerability Risk Score (SVRS) of 61 places it below the critical band (SVRS above 80), but the "In The Wild" tag indicates that exploitation has been observed, which raises the practical risk. Because the redirect originates from a trusted domain, a successful attack lends that domain's credibility to phishing pages or malware downloads. Organizations running Dedecms should apply a fix or mitigation; the exposure is user compromise and damage to the site's reputation.

In The Wild
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
2025-02-11

2025-04-01
SOCRadar AI Insight

Description

CVE-2024-57241 is a URL redirection vulnerability affecting Dedecms 5.71sp1 and earlier. A logic error in the application fails to validate the redirect target supplied in a GET request, so a request can send the user to an arbitrary URL. The CVSS v3.1 base score is 6.5 (medium severity), and the SOCRadar Vulnerability Risk Score (SVRS) of 61 indicates elevated but not critical real-world risk. The "In The Wild" tag, however, means that exploitation of this vulnerability has been observed.

Key Insights

  1. Unvalidated Input: The core issue is that the redirect target taken from a GET parameter is never checked against the site's own hosts or paths. An attacker crafts a link to the legitimate Dedecms site whose parameter points at a phishing page or other harmful destination; the victim clicks a URL on a trusted domain and is bounced to the attacker's.
  2. Impact of Redirection: Successful exploitation can lead to credential theft (if the redirection lands on a fake login page), malware distribution (if it lands on a malicious download), or reputational damage to the legitimate website. Because the link the victim sees starts with the trusted domain, it also passes casual inspection and some link filters more easily than a direct link to the attacker's host.
  3. In The Wild Exploitation: The "In The Wild" tag signifies active exploitation, increasing the urgency of addressing this vulnerability even though the SVRS is not in the critical band. Attackers are actively searching for and exploiting vulnerable Dedecms instances.

Mitigation Strategies

  1. Input Validation and Sanitization: Validate the redirect target against an allow list rather than a deny list: accept only site-local absolute paths or http(s) URLs whose parsed host is on the allowed list, and fall back to a safe default (for example the site root) otherwise. Check the parsed scheme and host, not the raw string, so that protocol-relative targets (//evil.test), backslash variants (/\evil.test), non-http schemes (javascript:) and userinfo tricks (https://trusted.test@evil.test) are not mistaken for trusted destinations.
  2. Update Dedecms: Upgrade to the latest version of Dedecms if a patched version is available. The references on this page do not identify a fixed release, so confirm the status in the vendor's security updates and release notes.
  3. Web Application Firewall (WAF): Deploy a WAF to detect and block malicious URL redirection attempts as a stopgap. Redirect payloads are easy to obfuscate (percent-encoding, case changes, mixed slashes), so treat WAF rules as detection and a backstop rather than as the fix.
  4. Regular Security Audits: Conduct regular security audits and penetration testing to identify and address vulnerabilities in your Dedecms installation. These audits should include a review of every place a request parameter ends up in a Location header or a client-side redirect.
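The allow-list check described in the first mitigation, and the unvalidated pattern behind the vulnerability, side by side as an added example. This is not DedeCMS code and not from the advisory: the parameter name `url`, the allowed hosts and the sample inputs are assumptions constructed for illustration, since the page does not name the affected parameter.

```python
"""Added example: allow-list validation of a redirect target (CWE-601).

Assumptions (not from the advisory): the target arrives in a GET parameter
named 'url', and the site is served from the hosts in ALLOWED_HOSTS.
"""
from urllib.parse import urlsplit

ALLOWED_HOSTS = frozenset({"www.example.com", "example.com"})  # assumed deployment
SAFE_DEFAULT = "/"
PARAM = "url"  # hypothetical parameter name


def vulnerable_redirect_target(params: dict) -> str:
    """The CWE-601 pattern: the GET parameter is used as the Location value unchanged."""
    return params.get(PARAM, SAFE_DEFAULT)


def safe_redirect_target(params: dict, allowed_hosts=ALLOWED_HOSTS, default=SAFE_DEFAULT) -> str:
    """Return the requested target only if it is a site-local absolute path or an
    http(s) URL on an allow-listed host; otherwise return the safe default."""
    raw = params.get(PARAM)
    if not raw:
        return default
    candidate = raw.strip()
    # CR/LF and other control characters enable header injection or parser
    # confusion; reject rather than trying to clean them.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in candidate):
        return default
    # Browsers treat a backslash like a slash in the scheme/authority part,
    # so normalise before parsing ("/\evil.test" is really "//evil.test").
    candidate = candidate.replace("\\", "/")
    # Protocol-relative targets ("//evil.test", "///evil.test") inherit the
    # current scheme and leave the site; urlsplit() does not flag all of them.
    if candidate.startswith("//"):
        return default
    parts = urlsplit(candidate)  # lower-cases the scheme
    if parts.scheme:
        # Absolute URL: only http(s) on an allow-listed host, default ports.
        if parts.scheme not in ("http", "https"):
            return default
        # .hostname drops userinfo, so "https://www.example.com@evil.test/"
        # is judged by its real host, evil.test.
        if (parts.hostname or "") not in allowed_hosts:
            return default
        try:
            port = parts.port
        except ValueError:  # e.g. "https://www.example.com:abc/"
            return default
        if port not in (None, 80, 443):
            return default
        return candidate
    if parts.netloc:  # unreachable after the "//" check; kept as a second line of defence
        return default
    # Scheme-less target: accept only absolute site-local paths.
    if not parts.path.startswith("/"):
        return default
    return candidate


if __name__ == "__main__":
    # Constructed sample inputs, not captured traffic.
    samples = [
        "/member/index.php",
        "https://www.example.com/login",
        "https://evil.example.net/",
        "//evil.example.net",
        "/\\evil.example.net",
        "///evil.example.net",
        "javascript:alert(1)",
        "https://www.example.com@evil.example.net/",
        "/login\r\nSet-Cookie: a=b",
    ]
    for s in samples:
        print(f"{s!r:50} vulnerable -> {vulnerable_redirect_target({PARAM: s})!r:45} "
              f"safe -> {safe_redirect_target({PARAM: s})!r}")
```

The safe version deliberately rejects relative paths without a leading slash and non-default ports; that is stricter than strictly necessary, but every rejected case falls back to the site root rather than to an error, so legitimate flows degrade gracefully while the attacker gains nothing.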


Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-57241 | DedeCMS up to 5.71sp1 redirect
vuldb.com2025-02-12
CVE-2024-57241 | DedeCMS up to 5.71sp1 redirect | A vulnerability was found in DedeCMS up to 5.71sp1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to open redirect. This vulnerability is handled as CVE-2024-57241. The attack may be launched remotely. There is no exploit available.

Social Media

CVE-2024-57241 Dedecms 5.71sp1 and earlier is vulnerable to URL redirect. In the web application, a logic error does not judge the input GET request resulting in URL redirection. https://t.co/lvPqj02Qky

Affected Software

Configuration 1
Type: App | Vendor: Dedecms | Product: dedecms

References

https://github.com/woshidaheike/dedecms-url-redirection (listed by the CVE CNA and as a GITHUB reference)

CWE Details

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
