CVE-2022-41471
Description
74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated low-privilege users in 74cmsSE v3.12.0 can change the super administrator password via improper permission configuration.
Vulnerability
74cmsSE v3.12.0 contains an improper permission configuration vulnerability that allows authenticated users assigned a low-privilege role to modify the rights and credentials of the Super Administrator account [1]. The flaw resides in the role rights management functionality, where the system does not properly enforce access controls when editing senior administrator roles or super administrator accounts.
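As an added illustration (not code from 74cmsSE, whose role and account model is not shown on this page), the following Python model contrasts a password-change handler that performs only the login check the narrative describes with one that enforces the role-rights rule the flaw above lacks. Role names, numeric levels and the `manage_admins` right are constructed for the model.

```python
from dataclasses import dataclass, field
SUPER_ADMIN = "super_admin"  # constructed role name for this model
@dataclass
class Role:
    name: str
    level: int                 # constructed scale: higher = more privileged
    rights: set = field(default_factory=set)

@dataclass
class Account:
    username: str
    role: Role
    password_hash: str

class AuthorizationError(PermissionError):
    pass

def can_manage_account(actor: Account, target: Account) -> bool:
    """Hardened rule: the super administrator account is editable only by itself;
    any other account only by an actor holding manage_admins whose role level
    is strictly higher than the target's."""
    if target.role.name == SUPER_ADMIN:
        return actor.username == target.username
    return "manage_admins" in actor.role.rights and actor.role.level > target.role.level

def can_edit_role(actor: Account, role: Role, new_rights: set) -> bool:
    """Hardened rule for role edits: never the super-admin role, only roles strictly
    below the actor, and no granting of rights the actor lacks (no self-escalation)."""
    if role.name == SUPER_ADMIN:
        return False
    return actor.role.level > role.level and new_rights <= actor.role.rights

def change_password_vulnerable(actor: Account, target: Account, new_hash: str) -> bool:
    # Models the reported flaw: being logged in is the only check that is made.
    target.password_hash = new_hash
    return True

def change_password_hardened(actor: Account, target: Account, new_hash: str) -> bool:
    if not can_manage_account(actor, target):
        raise AuthorizationError(f"{actor.username} may not modify {target.username}")
    target.password_hash = new_hash
    return True

def build_fixture():
    """Constructed sample accounts mirroring the setup in the narrative."""
    root = Role(SUPER_ADMIN, 100, {"manage_admins", "manage_roles", "everything"})
    senior = Role("senior_admin", 50, {"manage_admins", "manage_roles"})
    minimal = Role("minimal", 1, set())
    return (Account("admin", root, "h0"), Account("senior", senior, "h1"),
            Account("lowpriv", minimal, "h2"))
```

Both rules are deny-by-default: an edit to a more privileged target, or a grant of a right the actor does not hold, is refused rather than silently applied.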
Exploitation
The attacker must first hold an authenticated low-privilege account. In the reported setup, an administrator (or another user with sufficient privileges) creates a role with minimal rights via System > Role Rights Management and then creates a low-permission account under that role through System > Administrator List [1]. Once logged in with that low-permission account, the attacker can open the administrator management interface, edit the senior administrator role or the super administrator account directly, and change the super administrator password; no additional authorization check is enforced [1].
Impact
A successful attack results in the attacker gaining the ability to arbitrarily change the password of the Super Administrator account, effectively taking full control of the 74cmsSE installation [1]. This compromise leads to complete loss of confidentiality, integrity, and availability of the application and its data, as the attacker can then perform any administrative action.
Mitigation
As of the available references, no official patched version or security update has been released by the vendor for 74cmsSE v3.12.0 [1]. Organizations running this version should restrict access to the application to trusted users only, audit administrator account changes regularly, and consider implementing additional network-level controls such as web application firewalls (WAF) to monitor for abnormal permission changes. If no update becomes available, migrating away from this software should be evaluated.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- 74cmsSE/74cmsSE
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.