CVE-2024-42640

CVSS 9.8 CRITICALEPSS 43.7%CWE-434

Vexday Risk Score

75High priority

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 9.8EPSS 43.7%KEV nãoPoC públicaNuclei simMetasploit —Patch —

Lifecycle

09 Oct 2024Public PoC

11 Oct 2024Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of previously uploaded content and enables the attacker to achieve code execution on the server. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

n/a · n/a

public PoCs found — 4

githubgithub.com/rvzsec/CVE-2024-42640★ 27 githubgithub.com/KTN1990/CVE-2024-42640★ 3 exploitdbwww.exploit-db.com/exploits/52121unverified exploitdbwww.exploit-db.com/exploits/52253unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/adonespitogo/angular-base64-upload https://www.zyenra.com/blog/unauthenticated-rce-in-angular-base64-upload.html