CVE-2024-56143

HIGH LAB

Strapi 5.0.0-5.5.1 - Unauthenticated Private Field Exposure via Lookup Operator

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-56143. PoCs published by exploitintel.

AI-analyzed exploit summary This repository contains functional exploit code for CVE-2024-56143, an IDOR vulnerability in Strapi 5 that allows unauthenticated attackers to extract sensitive data (e.g., admin password hashes, emails, reset tokens) via the `lookup` parameter injection. The PoCs include blind password hash extraction, email enumeration, and full account takeover.

Description

Strapi is an open-source headless content management system. In versions from 5.0.0 to before 5.5.2, the lookup operator provided by the document service does not properly sanitize query parameters for private fields. An attacker can access private fields, including admin passwords and reset tokens, by crafting queries with the lookup parameter. This vulnerability is fixed in 5.5.2.

Exploits (1)

github WORKING POC 1 stars

by exploitintel · pythonpoc

https://github.com/exploitintel/eip-pocs-and-cves/tree/main/CVE-2024-56143

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2024-56143, an IDOR vulnerability in Strapi 5 that allows unauthenticated attackers to extract sensitive data (e.g., admin password hashes, emails, reset tokens) via the `lookup` parameter injection. The PoCs include blind password hash extraction, email enumeration, and full account takeover.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Strapi 5.0.0 to 5.5.1

No auth needed

Prerequisites: public content type endpoint · network access to Strapi API

MITRE ATT&CK

T1005 - Data from Local System T1552 - Unsecured Credentials

devstral-2 · analyzed Mar 02, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Vendor Advisory x_refsource_confirm

https://github.com/strapi/strapi/security/advisories/GHSA-495j-h493-42q2

Patch x_refsource_misc

https://github.com/strapi/strapi/commit/0c6e0953ae1e62afae9329de7ae6d6a5e21b95b8

View Patch ZIP pw:eip

Related Analysis

72-Hour Stress Test

Scores

CVSS v3 8.2

EPSS 0.0002

EPSS Percentile 6.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Lab Environment

EIP LAB

vulnerable docker pull ghcr.io/exploitintel/cve-2024-56143-vulnerable:latest

View in Library GitHub

Details

CWE

CWE-639

Status published

Products (2)

strapi/core 5.0.0 - 5.5.2npm

strapi/strapi 5.0.0 - 5.5.2

Published Oct 16, 2025

Tracked Since Feb 18, 2026