Akeeba backup access control bypass - Vulnerability Database

Akeeba backup access control bypass

Description

Akeeba Backup for Joomla! contains an access control vulnerability that allows unauthenticated attackers to bypass authentication mechanisms and gain unauthorized access to backup files. The vulnerability affects installations where the "Enable front-end and remote backup" feature is enabled, exposing the backup management interface to external access without proper authorization checks. This flaw enables attackers to enumerate available backups and download sensitive backup archives containing complete website data, including databases, configuration files, and user credentials.

Remediation

Take the following steps to remediate this vulnerability:

1. Immediate Action: Disable the "Enable front-end and remote backup" option in the Akeeba Backup configuration if it is not required for your operations. Navigate to Akeeba Backup > Configuration > Basic Settings and uncheck this option.

2. Update Software: Upgrade to the latest version of Akeeba Backup for Joomla! that addresses this access control vulnerability. Visit the official Akeeba website or use Joomla's extension manager to update.

3. Verify Access Controls: After updating, verify that backup files are not accessible via direct URL requests. Test by attempting to access backup files through a web browser while logged out.

4. Review Backup Storage: Move existing backup files outside the web-accessible directory structure, or implement additional access restrictions at the web server level using .htaccess rules or equivalent configurations.

5. Audit Security: Review server logs for any suspicious access attempts to backup files or the Akeeba interface. Rotate all credentials (database passwords, API keys, admin passwords) if unauthorized access is suspected.
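Added example for remediation step 5 (not from Invicti or Akeeba): a Python scan of combined-format web server access logs that flags requests for Akeeba archive files (.jpa/.jps), direct fetches from the backup output directory, and front-end use of the component, and marks which of those requests the server actually served. The component names, default output directory and the sample log lines are assumptions or constructed values.

```python
import re
from urllib.parse import urlparse, parse_qs
# Apache/nginx "combined" access-log format; adjust the regex to your server's log format.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')

# Assumed values (check your install): Akeeba Backup's component names (com_akeeba in
# older releases, com_akeebabackup in newer ones) and its default backup output directories.
AKEEBA_COMPONENTS = ("com_akeeba", "com_akeebabackup")
BACKUP_DIRS = tuple(f"/administrator/components/{c}/backup/" for c in AKEEBA_COMPONENTS)

def classify(request_target):
    """Return why a request touches the backup surface, or None if it does not."""
    parsed = urlparse(request_target)
    path = parsed.path.lower()
    option = parse_qs(parsed.query).get("option", [""])[0].lower()
    if path.endswith((".jpa", ".jps")):   # Akeeba's own archive formats, wherever they sit
        return "request for an Akeeba backup archive"
    if path.startswith(BACKUP_DIRS):      # any file fetched from the backup output directory
        return "request into the backup output directory"
    # Front-end use of the component; the back-end UI under /administrator/ is normal admin use.
    if option in AKEEBA_COMPONENTS and not path.startswith("/administrator/"):
        return "front-end request to the Akeeba component"
    return None

def audit(log_lines):
    """Scan log lines; 'served' marks requests the server answered with content (2xx)."""
    findings = []
    for line in log_lines:
        m = LOG_RE.match(line)
        reason = classify(m["path"]) if m else None
        if reason is None:
            continue
        status = int(m["status"])
        findings.append({
            "ip": m["ip"], "when": m["ts"], "status": status, "reason": reason,
            # Query string dropped on purpose: the front-end backup URL carries the secret key.
            "path": urlparse(m["path"]).path, "served": 200 <= status < 300,
        })
    return findings

# Constructed sample lines (documentation IP ranges, made-up archive name) for a dry run.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?option=com_akeeba&view=backup&key=EXAMPLE HTTP/1.1" 200 512 "-" "curl/8.0"',
    '203.0.113.5 - - [10/Oct/2023:13:56:01 +0000] "GET /administrator/components/com_akeeba/backup/site-example-20231010.jpa HTTP/1.1" 200 10485760 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Oct/2023:14:02:10 +0000] "GET /index.php?option=com_content&view=article&id=1 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [10/Oct/2023:14:05:00 +0000] "GET /administrator/components/com_akeeba/backup/site-example-20231010.jpa HTTP/1.1" 403 199 "-" "Mozilla/5.0"',
]
if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print("SERVED " if f["served"] else "blocked", f["ip"], f["status"], f["reason"], f["path"])
```

Findings marked as served are the ones to treat as a likely exposure; a 403 on the same path shows the web server restriction from step 4 doing its job.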