This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: ChurchCRM has a **Path Traversal** flaw in its backup/restore feature.β¦
π‘οΈ **Root Cause**: **CWE-22 (Path Traversal)**. The system fails to properly sanitize file paths during backup/restore operations, allowing directory traversal attacks.
Q3Who is affected? (Versions/Components)
π¦ **Affected**: **ChurchCRM** versions **prior to 6.5.3**. Specifically the CRM product by vendor ChurchCRM.
Q4What can hackers do? (Privileges/Data)
π **Attacker Actions**: With admin privileges, hackers can execute arbitrary code on the server. This leads to full **Confidentiality, Integrity, and Availability** compromise (CVSS High Impact).
Q5Is exploitation threshold high? (Auth/Config)
π **Threshold**: **High**. Requires **Authenticated Admin** access (PR:H). Not an unauthenticated exploit, but still critical due to the severity of the outcome.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π’ **Public Exploit**: **No**. The `pocs` field is empty. No public Proof-of-Concept or wild exploitation code is currently available.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for ChurchCRM installations. Check version numbers. Look for exposed **Backup/Restore** functionality accessible to admins.
Q8Is it fixed officially? (Patch/Mitigation)
β **Fix**: Yes. Upgrade to **ChurchCRM 6.5.3** or later. Refer to the GitHub Security Advisory for official patch details.
Q9What if no patch? (Workaround)
π§ **No Patch?**: Restrict admin access strictly. Disable or restrict the **Backup/Restore** feature if possible. Monitor Apache logs for `.htaccess` modifications.
Q10Is it urgent? (Priority Suggestion)
β οΈ **Urgency**: **High Priority**. CVSS Score indicates Critical impact (H/H/H). Even though auth is required, the RCE risk is severe. Patch immediately if vulnerable.