CVE-2012-10059 in ERP
Summary
by MITRE • 08/14/2025
Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sql_compat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code execution on the server.
Analysis
by VulDB Data Team • 08/15/2025
The vulnerability identified as CVE-2012-10059 represents a critical post-authenticated operating system command injection flaw within Dolibarr ERP/CRM software versions 3.1.1 and 3.2.0. This security weakness resides in the database backup functionality of the application, specifically within the export.php script that handles database export operations. The flaw stems from inadequate input validation and sanitization of the sql_compat parameter, which is used to specify compatibility modes for SQL exports. When authenticated users interact with the backup feature, they can manipulate this parameter to inject malicious system commands that will be executed on the underlying operating system with the privileges of the web application process.
The flaw arises from the way export.php handles user-supplied input: the sql_compat parameter is incorporated into a system command without adequate validation or sanitization, so attacker-controlled input can be interpreted by the operating system shell as part of the command. This vulnerability class is catalogued as CWE-77 (Improper Neutralization of Special Elements used in a Command), a well-established weakness pattern in software security. An authenticated attacker can therefore execute arbitrary commands on the target system, potentially leading to complete system compromise, data exfiltration, or lateral movement within the network.
The operational impact extends beyond simple remote code execution: an attacker can manipulate the entire database backup process and potentially access sensitive system information. An attacker who has obtained valid user credentials can leverage the flaw to escalate privileges, install backdoors, or manipulate data within the application environment. Because the vulnerability is post-authenticated, it requires legitimate user access, but once that access is obtained the flaw can be leveraged for significant damage. This weakness directly aligns with ATT&CK technique T1059.001 for Command and Scripting Interpreter, where adversaries use legitimate system utilities to execute malicious commands. The vulnerability affects the integrity and availability of the application's data and can be used to establish persistent access to the target system.
Organizations running affected Dolibarr versions should upgrade to a patched release, implement proper input validation and sanitization for all user-supplied parameters, and restrict the backup functionality to authorized personnel only. The recommended fix is to apply the official security patches from the Dolibarr developers, which typically add proper sanitization of the sql_compat parameter along with other secure coding practices. Network segmentation and access controls should additionally limit the reach of any successful exploitation, and monitoring should be configured to detect unusual backup activity or command execution patterns. The vulnerability is a reminder of the importance of input validation in web applications, particularly in administrative functions that drive system-level operations.
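To make the mechanism described in the analysis and the recommended sanitization concrete, the following PHP is an added illustration, not Dolibarr's export.php or its actual patch. It assumes the backup feature wraps mysqldump and that sql_compat maps to mysqldump's --compatible option; the function names, database name and dump path are hypothetical.

```php
<?php
// Added illustration only: this is not Dolibarr's export.php or its actual fix.
// It assumes the backup feature wraps mysqldump and that sql_compat maps to
// mysqldump's --compatible option; function and variable names are hypothetical.

// Vulnerable pattern: the request value is concatenated straight into the
// command string, so shell metacharacters in sql_compat are interpreted by
// the shell that runs the export (CWE-77).
function build_export_command_vulnerable(string $sqlCompat, string $dbName, string $dumpFile): string
{
    return "mysqldump --compatible=$sqlCompat $dbName > $dumpFile";
}

// Hardened pattern: accept only a fixed set of known compatibility modes
// (the values mysqldump documents for --compatible), quote every argument
// with escapeshellarg() as defence in depth, and return null instead of a
// command when the value is not on the list so the caller can log and abort.
const SQL_COMPAT_MODES = [
    'ansi', 'mysql323', 'mysql40', 'postgresql', 'oracle', 'mssql',
    'db2', 'maxdb', 'no_key_options', 'no_table_options', 'no_field_options',
];

function build_export_command_hardened(string $sqlCompat, string $dbName, string $dumpFile): ?string
{
    $mode = strtolower($sqlCompat);
    if (!in_array($mode, SQL_COMPAT_MODES, true)) {
        return null;
    }
    return 'mysqldump --compatible=' . escapeshellarg($mode)
        . ' ' . escapeshellarg($dbName)
        . ' > ' . escapeshellarg($dumpFile);
}

// Constructed request values standing in for $_POST['sql_compat']: one valid
// mode and one that is not a mode at all. The vulnerable builder would pass
// both through unchanged; the hardened builder refuses the second.
$requests = ['ansi', 'ansi;extra'];
foreach ($requests as $value) {
    $cmd = build_export_command_hardened($value, 'dolibarr', '/var/backups/dolibarr.sql');
    if ($cmd === null) {
        error_log('export.php: rejected sql_compat value ' . var_export($value, true));
        continue;
    }
    echo $cmd, PHP_EOL; // the real handler would hand $cmd to shell_exec() here
}
```

The rejected value is written to the error log so that the "unusual backup activity" monitoring recommended above has something to alert on.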