CVE-2024-58279

HIGH8.6Remote code exec

Description

appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by uploading a crafted PHP file to the site's uploads directory.

CVSS breakdown

CVSS 4.0

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

High

User Interaction

None

Confidentiality (Vulnerable System)

High

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

appRain / appRain CMF4.0.5 – 4.0.5

References

EXPLOIThttps://www.exploit-db.com/exploits/52041
MISChttps://www.apprain.org
MISChttps://github.com/apprain/apprain/archive/refs/tags/v4.0.5.zip
VENDOR_ADVISORYhttps://www.vulncheck.com/advisories/apprain-cmf-authenticated-remote-code-execution-via-filemanager-upload