CVE-2023-46010 in SeaCMS

Summary

by MITRE • 10/25/2023

An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component.

Analysis

by VulDB Data Team • 02/13/2026

The vulnerability identified as CVE-2023-46010 represents a critical command execution flaw within SeaCMS version 12.9 that exposes the administrative interface to remote code execution attacks. This vulnerability specifically affects the admin_safe.php component, which serves as a security checkpoint for administrative operations within the content management system. The flaw arises from insufficient input validation and sanitization mechanisms that fail to properly filter user-supplied data before processing it within the system's command execution pathways. Attackers can exploit this weakness by crafting malicious payloads that bypass the intended security controls and directly invoke system commands through the vulnerable administrative interface.

The technical exploitation of this vulnerability stems from improper handling of parameters passed to the admin_safe.php script, which allows attackers to inject arbitrary commands that are subsequently executed with the privileges of the web application process. This type of vulnerability falls under CWE-77, which specifically addresses command injection flaws, and aligns with ATT&CK technique T1059.001 for command and script injection. The vulnerability demonstrates a classic lack of input validation and output encoding that enables attackers to manipulate the application's execution flow and gain unauthorized access to the underlying system. The administrative context of the affected component amplifies the severity, as successful exploitation would provide attackers with full administrative privileges over the CMS installation.

The operational impact of this vulnerability extends beyond simple unauthorized access to encompass complete system compromise and potential data exfiltration. An attacker who successfully exploits this vulnerability can execute arbitrary code on the target server, potentially leading to persistent backdoor installation, privilege escalation, and lateral movement within the network infrastructure. The implications are particularly severe for organizations relying on SeaCMS for content management, as this vulnerability could result in complete system takeover, data loss, and unauthorized modification of web content. Additionally, the administrative interface typically possesses elevated privileges, making this vulnerability a prime target for attackers seeking to establish long-term access to the compromised system.

Organizations should implement immediate mitigations, including applying the latest security patches provided by the SeaCMS vendor, implementing network segmentation to limit access to administrative interfaces, and deploying web application firewalls to detect and block malicious command injection attempts. The recommended approach involves disabling unnecessary administrative functions, enforcing strict input validation at all entry points, and implementing proper authentication controls. Security monitoring should be enhanced to detect unusual command execution patterns and unauthorized administrative access attempts. Organizations should also consider implementing least-privilege access controls, restricting administrative access to trusted IP addresses only, and conducting regular security assessments to identify similar vulnerabilities within their web applications. This vulnerability underscores the critical importance of maintaining up-to-date security patches and implementing robust input validation mechanisms to prevent command injection attacks.
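The monitoring and trusted-IP recommendations above can be checked against web server access logs. The following is an added example, not code from SeaCMS or VulDB: it scans Combined Log Format lines for requests to admin_safe.php that come from outside an allowlist. The trusted networks, the `/manage/` admin directory and the log lines are constructed assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit, unquote

# Assumption: admin access is only expected from these networks (constructed values).
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/24"),
                ipaddress.ip_network("192.0.2.10/32")]
COMPONENT = "admin_safe.php"  # component named in the CVE description

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def is_trusted(ip_text):
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # an unparsable client address is never trusted
    return any(ip in net for net in TRUSTED_NETS)

def find_untrusted_admin_hits(lines):
    """Return (ip, timestamp, method, status) for requests to COMPONENT
    that originate outside TRUSTED_NETS."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of failing the whole scan
        # Decode the path so percent-encoded spellings of the file name still match.
        path = unquote(urlsplit(m["target"]).path).lower()
        if path.rsplit("/", 1)[-1] != COMPONENT:
            continue
        if not is_trusted(m["ip"]):
            hits.append((m["ip"], m["ts"], m["method"], int(m["status"])))
    return hits

# Constructed sample log lines; "/manage/" is a hypothetical admin directory.
SAMPLE_LOG = [
    '10.20.0.5 - - [26/Oct/2023:09:12:01 +0000] "GET /manage/admin_safe.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.77 - - [26/Oct/2023:09:14:33 +0000] "POST /manage/admin_safe.php?t=1 HTTP/1.1" 200 312 "-" "curl/8.1"',
    '203.0.113.77 - - [26/Oct/2023:09:14:40 +0000] "GET /index.php HTTP/1.1" 200 9001 "-" "curl/8.1"',
    '198.51.100.9 - - [26/Oct/2023:09:20:02 +0000] "GET /manage/admin%5Fsafe.php HTTP/1.1" 403 199 "-" "-"',
    'garbage line',
]

if __name__ == "__main__":
    for hit in find_untrusted_admin_hits(SAMPLE_LOG):
        print(hit)
```

A 200 response to an untrusted source, as in the second sample line, means the IP restriction is not actually being enforced at the web server or firewall.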

Reservation

10/16/2023

Disclosure

10/25/2023

Moderation

accepted

CPE

ready

EPSS

0.01227

KEV

no

Activities

very low

Sources
