Dolibarr Installation Page Exposure Scanner
This scanner detects exposed Dolibarr installation pages in digital assets. It identifies the misconfiguration that leaves the installer reachable after setup, which could allow unauthorized users to abuse it. Keeping these pages inaccessible is crucial for protecting sensitive business management data.
Short Info
Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 3 weeks 12 hours
Scan only one: URL
Toolbox: -
Dolibarr is a popular open-source ERP and CRM software used by small and medium-sized enterprises to manage their business processes, including accounting, invoicing, inventory, and project management. Developed by the Dolibarr Foundation, it facilitates effective business management and optimized workflows. The software serves a global audience, providing customizable solutions tailored to diverse industry requirements. Dolibarr's PHP-based web application ensures accessibility, ease of use, and seamless integration with other tools and platforms. Users in various sectors benefit from Dolibarr's modular design, which allows organizations to select features relevant to their operations, streamlining processes and enhancing productivity.
The installation page exposure vulnerability in the Dolibarr Installer is the unintended reachability of the setup or installation page of Dolibarr ERP/CRM, generally caused by misconfiguration. When exposed, this page can give unauthorized users access to sensitive configuration steps, such as database setup and initial credentials. Installation page exposure could leave sensitive company data at risk or lead to further exploitation of system permissions. It is crucial to secure these pages to prevent unauthorized system modification or data leaks. Regular checks and correct configuration are necessary to mitigate such risks effectively.
Technically, the vulnerability resides in the accessibility of the installation script at the endpoint '/install/index.php'. The presence of particular content in the page response, such as indicators of installation or upgrade options and a language selector, signals this exposure. The vulnerability can be detected by inspecting the HTTP response body for specific content, such as the string "Dolibarr install or upgrade" in the HTML. This misconfiguration results from leaving the installation script accessible after the software setup is complete; the script should be deleted, or access to it restricted, once installation finishes.
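The detection rule above, written out as an added example (not the scanner's own code): it classifies one HTTP response for /install/index.php using the "Dolibarr install or upgrade" indicator from the page. The `selectlang` marker, the function names and the sample response bodies are assumptions constructed for this example.

```python
import urllib.error
import urllib.request
from urllib.parse import urljoin

INSTALL_PATH = "/install/index.php"
# Primary indicator quoted on the page; the secondary marker is an assumed
# language-selector fragment and should be tuned against real responses.
PRIMARY_MARKER = "Dolibarr install or upgrade"
SECONDARY_MARKER = 'name="selectlang"'


def classify_install_response(status: int, body: str) -> dict:
    """Apply the detection rule to one response for /install/index.php.

    Returns a finding record: whether the installer looks exposed,
    the evidence matched, and a confidence label.
    """
    finding = {"exposed": False, "evidence": [], "confidence": "none"}
    # Denied or missing: the installer was removed or access-restricted.
    if status in (401, 403, 404, 410):
        return finding
    if status != 200:
        finding["confidence"] = "inconclusive"
        return finding
    text = body.lower()
    for marker in (PRIMARY_MARKER, SECONDARY_MARKER):
        if marker.lower() in text:
            finding["evidence"].append(marker)
    # Only the primary marker proves exposure; the selector raises confidence.
    if PRIMARY_MARKER in finding["evidence"]:
        finding["exposed"] = True
        finding["confidence"] = "high" if len(finding["evidence"]) > 1 else "medium"
    return finding


def check_target(base_url: str, timeout: float = 10.0) -> dict:
    """Fetch /install/index.php from an asset you own and classify it."""
    url = urljoin(base_url, INSTALL_PATH)
    req = urllib.request.Request(url, headers={"User-Agent": "install-page-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify_install_response(
                resp.status, resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as err:
        return classify_install_response(err.code, "")


# Constructed sample responses, not captured from a real server.
EXPOSED_BODY = ('<html><head><title>Dolibarr install or upgrade</title></head>'
                '<body><select name="selectlang"><option>en_US</option></select>'
                '</body></html>')
LOGIN_BODY = '<html><body><form id="login">Dolibarr ERP/CRM login</form></body></html>'
```

Run `check_target("https://your-dolibarr-host/")` against an asset you own; a `"high"` or `"medium"` finding means the installer is still reachable and should be removed or restricted.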
If exploited by malicious users, exposure of the Dolibarr installation page can lead to unauthorized changes to application settings. Attackers might gain the ability to alter database connections, steal credentials, or inject malicious code into the Dolibarr instance. Such actions could compromise the entire business management system, potentially causing operational disruptions and data breaches. It is critical to restrict access to installation scripts to safeguard business data integrity and system reliability.