Emlog
cpe:2.3:a:emlog:emlog:*:*:*:*:*:*:*
- < 2.6.11
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in Emlog versions prior to 2.6.11. The issue arises from the absence of CSRF protection in critical administrative functions, allowing attackers to manipulate authenticated administrators into executing unauthorized actions. These actions include system registration, plugin management, and configuration changes. The vulnerability is present in the admin/auth.php and admin/plugin.php files, where key functions lack proper CSRF token validation.
Exploitation of this vulnerability could lead to unauthorized system registrations, the installation of malicious plugins, privilege escalation, and unauthorized changes to system configurations.
To reproduce this vulnerability, an attacker can create a malicious website that, when visited by an authenticated administrator, triggers the unauthorized actions. This can be done by sending a crafted form submission or by using an image tag to exploit the vulnerability in plugin management.
Users are advised to update to Emlog version 2.6.11 or later, where this vulnerability has been patched.
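The missing check the advisory describes, shown as an added illustration rather than Emlog's own code: a state-changing admin action that accepts any request carrying the admin's session cookie (which is why an image tag is enough to trigger it), beside a version that requires POST and a per-session synchronizer token. Handler names, session keys and the form markup are assumptions for the example.

```php
<?php
// Added example, not code from Emlog. Function names and session keys are assumed.
session_set_cookie_params([
    'httponly' => true,
    'secure'   => true,
    'samesite' => 'Lax',   // defense in depth: browser withholds the cookie on cross-site GET navigations
]);
session_start();

// Vulnerable pattern: any request (GET included) that arrives with a valid
// admin session performs the action. A third-party page can trigger this with
// <img src="..."> or an auto-submitted form while the admin is logged in.
function activate_plugin_vulnerable(array $req): string {
    $name = basename((string)($req['plugin'] ?? ''));
    if ($name === '') { return 'missing plugin name'; }
    // ... persist $name into the active-plugin list ...
    return "activated $name";
}

// Hardened pattern: token bound to the session, compared in constant time,
// and accepted only on POST so a bare image/link fetch can never qualify.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

function csrf_check(array $req): bool {
    if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') { return false; }
    $sent   = $req['csrf_token'] ?? '';
    $stored = $_SESSION['csrf_token'] ?? '';
    return $stored !== '' && is_string($sent) && hash_equals($stored, $sent);
}

function activate_plugin_hardened(array $req): string {
    if (!csrf_check($req)) {
        http_response_code(403);
        return 'rejected: missing or invalid CSRF token';
    }
    $name = basename((string)($req['plugin'] ?? ''));
    if ($name === '') { return 'missing plugin name'; }
    // ... persist $name into the active-plugin list ...
    return "activated $name";
}

// The admin's own form carries the token as a hidden field (assumed markup):
// <form method="post">
//   <input type="hidden" name="csrf_token" value="<?= htmlspecialchars(csrf_token()) ?>">
//   <input type="hidden" name="plugin" value="example-plugin">
// </form>
```

The same check applies to every state-changing admin endpoint, including the registration and configuration handlers the advisory names; a token on only some of them leaves the others exploitable.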