EUVD-2026-24135
GHSA-j2g9-rprv-hrhc
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionNVD
In the Website module of Dolibarr ERP & CRM 22.0.4 and below, the application uses blacklist-based filtering to restrict dangerous PHP functions related to system command execution. An authenticated user with permission to edit PHP content can bypass this filtering, resulting in full remote code execution with the ability to execute arbitrary operating system commands on the server.
AnalysisAI
Remote code execution in Dolibarr ERP 22.0.4 and earlier allows authenticated users with PHP content editing permissions to execute arbitrary OS commands on the server. The vulnerability stems from a bypassable blacklist-based filter for dangerous PHP functions in the Website module. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Inventory all Dolibarr ERP deployments and identify users with PHP content editing permissions in the Website module; immediately revoke these permissions for all non-essential accounts. Within 7 days: Contact Dolibarr vendor for patch timeline; implement network-level restrictions limiting Website module access to administrative IP ranges only. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today