CVE-2024-56924
Published: 22 January 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2024-56924 is a Cross-Site Request Forgery (CSRF) vulnerability, classified under CWE-352, affecting the Code Astro Internet Banking System version 2.0.0. The flaw resides in the admin page (pages_account) due to improper validation of user requests, enabling remote attackers to execute arbitrary JavaScript. This issue has a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N), indicating high confidentiality and integrity impacts with network accessibility, low complexity, required low privileges, and user interaction.
Attackers can exploit this vulnerability remotely by tricking an authenticated admin user into interacting with a malicious webpage or resource, such as clicking a crafted link. Successful exploitation allows execution of arbitrary JavaScript in the context of the admin page, potentially enabling unauthorized actions like modifying account settings or exfiltrating sensitive user information.
Further details, including proof-of-concept code, are available in the referenced GitHub repository at https://github.com/ipratheep/CVE-2024-56924. No specific patch or mitigation guidance is detailed in the provided information.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
CSRF vulnerability in public-facing internet banking admin panel enables forging requests to abuse valid admin accounts (T1078), perform unauthorized account modifications (T1098), and exploit the public-facing application (T1190).