
CVE-2020-25262: PyroCMS Vulnerable to CSRF

CVSS Score (v3.1): 4.3

Basic Information

EPSS Score: 0.34959%
Published: 5/24/2022
Updated: 4/25/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Package Name      Ecosystem   Vulnerable Versions   First Patched Version
pyrocms/pyrocms   composer    <= 3.7                (not listed)

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from handling a destructive action (page deletion) via a GET request without CSRF protection. In typical Laravel implementations (which PyroCMS uses), such actions should be bound to POST or DELETE methods and protected by CSRF tokens; Laravel's VerifyCsrfToken middleware treats GET, HEAD and OPTIONS as read-only requests and never checks a token on them, so a destructive GET route receives no CSRF protection even when the middleware is in place. The admin/pages/delete/{id} URI pattern suggests it maps to a delete method in the PagesController. The exploit demonstrates CSRF through GET requests, indicating that no CSRF validation applies to this endpoint. While the exact code isn't available, the URI structure and Laravel conventions strongly suggest that the controller method handling this route is vulnerable.
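The following routes, added here as an illustration and not taken from PyroCMS's code base, show the pattern the analysis describes beside its hardened form. It assumes a standard Laravel application; the `PagesController` class and its `delete`/`destroy` methods are hypothetical names chosen to match the URI in the report.

```php
<?php
// Added illustration for CVE-2020-25262; not PyroCMS's own code.
// Assumes a stock Laravel application. PagesController and its method
// names are hypothetical.

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

// VULNERABLE PATTERN: a destructive action reachable by GET.
// Laravel's VerifyCsrfToken middleware classifies GET/HEAD/OPTIONS as
// "reading" requests and skips the token check for them, so the only thing
// standing between an attacker and the deletion is the victim's session
// cookie, which the browser attaches automatically to any request for
// this URL, regardless of which site initiated it.
Route::middleware(['web', 'auth'])->group(function () {
    Route::get('admin/pages/delete/{id}', [PagesController::class, 'delete']);
});

// HARDENED PATTERN: bind deletion to the DELETE verb inside the `web`
// middleware group (which includes VerifyCsrfToken). The request must now
// carry the session's CSRF token, which a cross-site page cannot read,
// and a GET to the old URL no longer matches any route.
Route::middleware(['web', 'auth'])->group(function () {
    Route::delete('admin/pages/{id}', [PagesController::class, 'destroy'])
        ->name('admin.pages.destroy');
});

class PagesController
{
    // Hypothetical hardened handler: authorize per page, then delete.
    // The deletion itself is unchanged; what protects it is that the route
    // is only reachable with a CSRF-validated DELETE request.
    public function destroy(Request $request, int $id)
    {
        $page = Page::findOrFail($id);
        $this->authorize('delete', $page);   // policy check, not only "is logged in"
        $page->delete();

        return redirect()->route('admin.pages.index')
            ->with('status', 'Page deleted.');
    }
}
```

A form submitting to the hardened route is a regular Blade `<form method="POST">` carrying `@csrf` and `@method('DELETE')`; Laravel rewrites the spoofed method and validates the token before the controller runs. Reviewing an application for this class of bug is mostly a matter of listing routes (`php artisan route:list`) and checking that nothing state-changing is registered with `Route::get` or `Route::any`.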

WAF Protection Rules

WAF Rule

PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the `admin/pages/delete/` URI: pages will be deleted.
