phpIPAM
cpe:2.3:a:phpipam:phpipam:*:*:*:*:*:*:*
- <= 1.7.3
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in phpIPAM version 1.7.3 and prior releases. The issue resides in the database export feature, specifically in the 'generate-mysql.php' script under the '/app/admin/import-export/' endpoint. Because the export request is not protected by a CSRF token, remote attackers can cause an authenticated administrator's browser to trigger downloads of large database dumps by issuing crafted HTTP GET requests. The attack requires an active administrator session.
Exploitation of this vulnerability can lead to a denial-of-service condition by causing excessive server resource consumption through repeated large database dump downloads. Additionally, there is a risk of indirect information exposure, as sensitive data could be compromised if the administrator's environment is breached.
Users are advised to update to phpIPAM version 1.7.4 or later, where the vulnerability has been fixed by adding CSRF token protection to the export functionality.
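The remediation described above, shown as an added illustration rather than phpIPAM's own code: a minimal PHP export handler in the weak form (any GET from an authenticated browser starts a dump) next to a hardened form that accepts only POST requests carrying a per-session token, compares it in constant time, and logs rejected attempts. The function names (`generate_export_token`, `handle_export_request`, `stream_database_dump`, and so on), the `csrf` field name and the sample dump contents are assumptions made for this example.

```php
<?php
// Added example, not phpIPAM code. Function and field names are hypothetical;
// the dump emitted by stream_database_dump() is a constructed placeholder.
declare(strict_types=1);

session_start();

// Issue one token per session and embed it in the admin export form.
function generate_export_token(): string
{
    if (empty($_SESSION['export_csrf_token'])) {
        $_SESSION['export_csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['export_csrf_token'];
}

// Constant-time comparison of the submitted token against the session copy.
function export_token_is_valid(?string $submitted): bool
{
    $expected = $_SESSION['export_csrf_token'] ?? '';
    return is_string($submitted)
        && $expected !== ''
        && hash_equals($expected, $submitted);
}

// Stand-in for the real exporter so the example runs offline.
function stream_database_dump(): void
{
    header('Content-Type: application/sql');
    header('Content-Disposition: attachment; filename="db-dump.sql"');
    echo "-- constructed sample dump\nSELECT 1;\n";
}

// Weak pattern: the expensive action runs on any request that carries the
// admin's session cookie, so a cross-site GET is enough to start a dump.
function weak_export_handler(): void
{
    stream_database_dump();
}

// Hardened pattern: require POST, require a valid token, rotate the token.
function handle_export_request(): void
{
    if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
        http_response_code(405);
        header('Allow: POST');
        exit('Method Not Allowed');
    }
    if (!export_token_is_valid($_POST['csrf'] ?? null)) {
        http_response_code(403);
        // Give defenders a log line to alert on: repeated hits here from one
        // session are a sign of a forged request, not a confused admin.
        error_log(sprintf(
            'export rejected: missing or invalid CSRF token, remote=%s',
            $_SERVER['REMOTE_ADDR'] ?? 'unknown'
        ));
        exit('Forbidden');
    }
    // One token, one export: a fresh form load is needed for the next dump.
    unset($_SESSION['export_csrf_token']);
    stream_database_dump();
}

// The admin page renders the token into a hidden field of a POST form.
function render_export_form(): string
{
    $token = htmlspecialchars(generate_export_token(), ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="/app/admin/import-export/generate-mysql.php">'
        . '<input type="hidden" name="csrf" value="' . $token . '">'
        . '<button type="submit">Export database</button>'
        . '</form>';
}

if (PHP_SAPI === 'cli') {
    // Running from the shell: just print the form so the token wiring is visible.
    echo render_export_form(), PHP_EOL;
} else {
    handle_export_request();
}
```

The weak handler is kept only to make the contrast explicit; in a real deployment the export route would wire `handle_export_request()` and nothing else. The token rotation after each export is a design choice for a costly operation like a full dump: it limits a single leaked token to one download and keeps replayed form submissions from piling up server load.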