Description
Admidio 3.3.5 contains a cross-site request forgery vulnerability that allows low-privilege users to increase their permissions by exploiting improper origin checking. Attackers can craft malicious HTML forms targeting roles_function.php with parameters like rol_assign_roles, rol_approve_users, and rol_edit_user set to 1 to escalate privileges without authentication.
Published: 2026-05-25
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in Admidio 3.3.5's roles_function.php and allows an attacker to perform a cross-site request forgery (CSRF) that elevates the privileges of a low-privilege user. By submitting a crafted HTML form with parameters such as rol_assign_roles, rol_approve_users, and rol_edit_user set to 1, the victim can obtain higher-level permissions without needing to authenticate or provide additional credentials. The flaw directly bypasses the origin check that should protect against CSRF attacks, leading to unauthorized privilege escalation on the system.

Affected Systems

The affected product is Admidio version 3.3.5, tracked under vendor Admidio, product Admidio. No other products or versions are listed as affected.

Risk and Exploitability

The CVSS score of 6.9 indicates a medium-severity risk. Because the EPSS score is unavailable, the current probability of public exploitation cannot be quantified, but the absence of a KEV listing suggests limited known exploitation activity. The likely attack vector is a conventional web-based CSRF scenario, inferred from the description: an attacker must craft a malicious form that a low-privilege user of a vulnerable instance then loads. If the user visits or is tricked into submitting the form, the exploit succeeds and grants the attacker unauthorized administrative capabilities. The vulnerability does not provide direct remote code execution, but the escalated privileges it grants can lead to far-reaching compromise of the application and the data it holds.

Generated by OpenCVE AI on May 25, 2026 at 15:24 UTC.

Remediation

No vendor fix or workaround currently provided.
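For reference, the checks a fix for this class of flaw has to perform are shown below as an added illustration; this is not Admidio's code and does not describe how roles_function.php is implemented. It assumes a hypothetical application served from a single origin (https://members.example.org) that stores a per-session synchronizer token, and it treats the three parameter names from the advisory as the privilege-changing flags. Requests are constructed sample dictionaries, not captured traffic.

```python
import hmac
import secrets
from urllib.parse import urlsplit

# Assumption: the application is served from exactly this origin.
ALLOWED_ORIGINS = {"https://members.example.org"}

# Parameter names taken from the advisory; any request setting one of them
# to "1" is a privilege change and must pass every check below.
PRIVILEGE_PARAMS = {"rol_assign_roles", "rol_approve_users", "rol_edit_user"}


def issue_csrf_token(session: dict) -> str:
    """Create a per-session synchronizer token and store it server-side."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def origin_allowed(headers: dict) -> bool:
    """Validate the Origin header (falling back to Referer) against the allow-list.

    A request with neither header is rejected: browsers send Origin on cross-site
    POSTs, so a form submitted from another site carries that site's origin, and
    a request that strips both headers gives no evidence of being first-party.
    """
    origin = headers.get("Origin")
    if origin is None:
        referer = headers.get("Referer")
        if referer is None:
            return False
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin in ALLOWED_ORIGINS


def token_valid(session: dict, form: dict) -> bool:
    """Compare the submitted token with the session token in constant time."""
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token")
    if not expected or not supplied:
        return False
    return hmac.compare_digest(expected, supplied)


def authorize_role_change(method: str, headers: dict, session: dict, form: dict) -> tuple:
    """Decide whether a role-editing request may change privileges.

    Returns (allowed, reason). Order matters: the caller's own authorization is
    checked first, then the request's origin, then the anti-CSRF token.
    """
    if method != "POST":
        return False, "privilege changes must be POST"
    requested = PRIVILEGE_PARAMS & {k for k, v in form.items() if v == "1"}
    if not requested:
        return True, "no privilege flags requested"
    # Hypothetical session flag: only accounts allowed to manage roles may set these.
    if not session.get("role_admin"):
        return False, "caller may not manage roles"
    if not origin_allowed(headers):
        return False, "origin check failed"
    if not token_valid(session, form):
        return False, "csrf token check failed"
    return True, "ok: " + ",".join(sorted(requested))


def demo() -> dict:
    """Constructed sample requests (not real traffic) exercising each check."""
    admin = {"user": "alice", "role_admin": True}
    token = issue_csrf_token(admin)
    same_origin = {"Origin": "https://members.example.org"}
    cross_site = {"Origin": "https://attacker.example"}  # hypothetical third-party page
    flags = {"rol_assign_roles": "1", "rol_approve_users": "1", "rol_edit_user": "1"}

    legitimate = authorize_role_change(
        "POST", same_origin, admin, {"rol_id": "7", "rol_edit_user": "1", "csrf_token": token})
    forged = authorize_role_change("POST", cross_site, admin, {"rol_id": "7", **flags})
    no_token = authorize_role_change("POST", same_origin, admin, {"rol_id": "7", **flags})

    low_priv = {"user": "bob", "role_admin": False}
    low_token = issue_csrf_token(low_priv)
    unauthorized = authorize_role_change(
        "POST", same_origin, low_priv, {"rol_id": "7", **flags, "csrf_token": low_token})
    return {"legitimate": legitimate, "forged": forged,
            "no_token": no_token, "unauthorized": unauthorized}


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:12s} -> {result}")
```

The origin allow-list and the token are deliberately independent: the first stops a form hosted elsewhere from being accepted at all, and the second catches same-origin submissions that did not come from a page the server rendered (a replayed or scripted form). The role_admin check is plain authorization and sits in front of both, so that a low-privilege session cannot reach the privilege-changing branch even when a CSRF defence is misconfigured.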

OpenCVE Recommended Actions

  • Upgrade Admidio to the latest version that includes the CSRF protection fix for roles_function.php.
  • Verify that any custom code or patches do not re-enable the vulnerable parameters or disable origin checks.
  • Restrict low‑privilege user permissions by reviewing and tightening role assignment policies.
  • Monitor authentication logs for abnormal role assignment activity to detect potential exploitation attempts.



Advisories

No advisories yet.

History

Mon, 25 May 2026 15:45:00 +0000

First Time appeared
  Values Removed: (none)
  Values Added: Admidio; Admidio admidio

Vendors & Products
  Values Removed: (none)
  Values Added: Admidio; Admidio admidio

Mon, 25 May 2026 14:30:00 +0000

Description
  Values Removed: (none)
  Values Added: Admidio 3.3.5 contains a cross-site request forgery vulnerability that allows low-privilege users to increase their permissions by exploiting improper origin checking. Attackers can craft malicious HTML forms targeting roles_function.php with parameters like rol_assign_roles, rol_approve_users, and rol_edit_user set to 1 to escalate privileges without authentication.

Title
  Values Removed: (none)
  Values Added: Admidio 3.3.5 Cross-Site Request Forgery via roles_function.php

Weaknesses
  Values Removed: (none)
  Values Added: CWE-352

References
  Values Removed: (none)
  Values Added: (none)

Metrics
  Values Removed: (none)
  Values Added:
    cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}
    cvssV4_0: {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-25T14:15:15.780Z

Reserved: 2026-05-25T13:42:49.589Z

Link: CVE-2018-25370

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-25T15:30:06Z

Weaknesses