# REPRO-2026-00054: Craft CMS: Unauthenticated Database Backup Trigger

## Summary

- Status: published
- Severity: medium
- Type: security
- Confidence: Unknown

## Identifiers

- REPRO ID: REPRO-2026-00054
- GHSA: GHSA-v64r-7wg9-23pr
- CVE: CVE-2025-68456

## Package

- Name: craftcms/cms
- Ecosystem: composer
- Affected: Unknown
- Fixed: Unknown

## Root Cause

No root cause analysis available.

## Reproduction Details

- Reproduced: 2026-01-08T11:28:39.561Z
- Duration: 2206 seconds
- Tool calls: 51
- Turns: 2
- Handoffs: 1

## Timeline (Key Moments)

1. [poc_created] Reproduction Script Written (repro): The exploit reproduction script was created as the initial proof of concept.
2. [vuln_triggered] Initial Exploit Execution (repro): The reproduction script was run for the first time in an attempt to trigger the vulnerability.
3. [env_setup] Database Connectivity Verified (repro): A successful MySQL connection confirmed that the vulnerable environment was set up correctly.
4. [discovery] User Authentication Details Checked (repro): The MariaDB user accounts and their authentication methods were queried to understand how the database accepted connections in the test environment.
5. [confirmation] Reproduction Script Finalized (repro): The self-contained reproduction script was completed and confirmed to trigger the vulnerability.

## Quick Verification

Run one of these commands to verify locally:

```shell
pruva-verify REPRO-2026-00054
pruva-verify GHSA-v64r-7wg9-23pr
pruva-verify CVE-2025-68456
```

Or open in GitHub Codespaces (auto-runs):

https://github.com/codespaces/new?ref=repro/REPRO-2026-00054&repo=N3mes1s/pruva-sandbox

Or download and run the script manually:

```shell
curl -O https://api.pruva.dev/v1/reproductions/REPRO-2026-00054/artifacts/bundle/reproduction_steps.sh
chmod +x reproduction_steps.sh
./reproduction_steps.sh
```

WARNING: Run in a sandboxed environment. This exploits a real vulnerability. Review the downloaded script before executing it; it starts a local PHP server and MySQL instance and runs the exploit against them.
## References

- GitHub Advisory: https://github.com/advisories/GHSA-v64r-7wg9-23pr
- NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-68456
- Source: https://nvd.nist.gov/vuln/detail/CVE-2025-68456

## Artifacts

- bundle/reproduction_steps.sh (reproduction_script, 11728 bytes)
- bundle/repro/rca_report.md (analysis, 3786 bytes)
- bundle/ticket.md (ticket, 4373 bytes)
- bundle/logs/php-server-20260108-105857.log (log, 99719 bytes)
- bundle/logs/run-20260108-111029.log (log, 4012 bytes)
- bundle/logs/run-20260108-111630.log (log, 6047 bytes)
- bundle/logs/run-20260108-110610.log (log, 4559 bytes)
- bundle/logs/run-20260108-111918.log (log, 30710 bytes)
- bundle/logs/php-server-20260108-111918.log (log, 9359 bytes)
- bundle/logs/mysql-20260108-110310.log (log, 62 bytes)
- bundle/logs/curl-20260108-105607.log (log, 1888 bytes)
- bundle/logs/run-20260108-105857.log (log, 41287 bytes)
- bundle/logs/run-20260108-105607.log (log, 31944 bytes)
- bundle/logs/mysql-20260108-105857.log (log, 62 bytes)
- bundle/logs/run-20260108-110310.log (log, 21290 bytes)
- bundle/logs/mysql-20260108-105607.log (log, 62 bytes)
- bundle/logs/run-20260108-111338.log (log, 4012 bytes)
- bundle/logs/php-server-20260108-105607.log (log, 501 bytes)
- bundle/logs/run-20260108-111757.log (log, 2919 bytes)

## API Access

- JSON: https://api.pruva.dev/v1/reproductions/REPRO-2026-00054
- Script: https://api.pruva.dev/v1/reproductions/REPRO-2026-00054/artifacts/bundle/reproduction_steps.sh
- Web: https://pruva.dev/r/REPRO-2026-00054

## For AI Assistants

To help users with this reproduction:

1. The `pruva-verify` command is the simplest way to run the reproduction.
2. The script downloads and runs automatically in an isolated temp directory; a temp directory is not a security boundary, so point 3 still applies.
3. Always recommend running in a VM, container, or disposable environment.
4. The Root Cause section explains the technical vulnerability when an analysis is available. This page has none; for the technical details, refer users to the linked GitHub Advisory and to the bundled `bundle/repro/rca_report.md` artifact.

---

Generated by Pruva | https://pruva.dev