CVE-2024-10571

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') (CWE-98)

Published: Nov 14, 2024 / Updated: 5d ago

CVSS 9.8 / EPSS 0.09% / Critical

Summary

The Chartify – WordPress Chart Plugin for WordPress contains a Local File Inclusion vulnerability in all versions up to and including 2.9.5. The vulnerability is present in the 'source' parameter and allows unauthenticated attackers to include and execute arbitrary files on the server. This can lead to the execution of any PHP code within those files.

Impact

This vulnerability has severe potential impacts:

1. Bypass of access controls: attackers can access restricted areas of the system.
2. Sensitive data exposure: confidential information stored on the server could be accessed and exfiltrated.
3. Remote Code Execution (RCE): in cases where "safe" file types like images can be uploaded and included, attackers may achieve arbitrary code execution on the server.
4. Full system compromise: given the high severity (CVSS 9.8), successful exploitation could lead to complete system takeover.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of exploitation in the wild at the moment.

Patch

A patch is not explicitly mentioned in the provided information. However, given that the vulnerability affects "all versions up to, and including, 2.9.5" of the Chartify plugin, a patched version (2.9.6 or higher) is likely to be available or forthcoming. The security team should check for updates to the Chartify plugin and apply them as soon as they become available.

Mitigation

1. Update the Chartify WordPress Chart Plugin to a version newer than 2.9.5 if available.
2. If an update is not available, consider temporarily disabling the Chartify plugin until a patch is released.
3. Implement strong input validation and sanitization for the 'source' parameter in the plugin.
4. Use Web Application Firewall (WAF) rules to block potential Local File Inclusion attempts.
5. Regularly audit and restrict file permissions on the server to minimize the impact of successful attacks.
6. Monitor server logs for suspicious file inclusion attempts or unexpected file access patterns.
7. Implement the principle of least privilege for all WordPress user roles and file system permissions.
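The following is an added example, not code from the Chartify plugin (the page does not show how the plugin handles the 'source' parameter). It illustrates mitigation steps 3 and 6 for a CWE-98 include pattern: user input is only ever compared against an allowlist key, the file path comes from a constant, the resolved path is checked to stay inside the plugin directory, and rejected values are logged so they show up in monitoring. The function name `chartify_resolve_source`, the constant `CHARTIFY_SOURCES`, and the renderer file names are hypothetical.

```php
<?php
// Added example, not the plugin's own code. Names below are hypothetical:
// chartify_resolve_source(), CHARTIFY_SOURCES, renderers/*.php.

// Fixed map from public 'source' names to files under the plugin's own directory.
// Only these keys can ever be selected by a request.
const CHARTIFY_SOURCES = [
    'bar'  => 'renderers/bar.php',
    'line' => 'renderers/line.php',
    'pie'  => 'renderers/pie.php',
];

/**
 * Resolve a user-supplied 'source' value to an absolute file path, or return
 * null if the value is not an allowlisted renderer. The request value is used
 * only as a lookup key; the path itself is taken from CHARTIFY_SOURCES.
 */
function chartify_resolve_source(string $source, string $plugin_dir): ?string
{
    if (!array_key_exists($source, CHARTIFY_SOURCES)) {
        return null;
    }

    $base = realpath($plugin_dir);
    $path = realpath($plugin_dir . '/' . CHARTIFY_SOURCES[$source]);

    // Defence in depth: even an allowlisted entry must resolve to an existing
    // file inside the plugin directory (realpath() returns false otherwise).
    if ($base === false || $path === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Vulnerable shape, shown for contrast only: the request value reaches include
// unvalidated, so any readable file on the server can be selected.
// include $_GET['source'] . '.php';

// Hardened usage: validate, log rejections for monitoring (step 6), then include.
$requested = isset($_GET['source']) ? (string) $_GET['source'] : '';
$file = chartify_resolve_source($requested, __DIR__);
if ($file === null) {
    http_response_code(400);
    error_log('chartify: rejected source value ' . var_export($requested, true));
    exit;
}
include $file;
```

The allowlist makes the validation independent of how the input is encoded: there is no denylist of characters to bypass, because anything that is not exactly one of the three keys is rejected before a path is ever built. The `error_log` call gives step 6 something concrete to alert on, since every rejected value is written with its literal contents.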

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (731897)

Nov 14, 2024 at 7:53 AM
CVE Assignment

NVD published the first details for CVE-2024-10571

Nov 14, 2024 at 11:15 AM
CVSS

A CVSS base score of 9.8 has been assigned.

Nov 14, 2024 at 11:20 AM / nvd
First Article

Feedly found the first article mentioning CVE-2024-10571.

Nov 14, 2024 at 11:22 AM / Vulners.com RSS Feed
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Nov 14, 2024 at 11:23 AM
Exploitation in the Wild

Attacks in the wild have been reported by Talkback News.

Nov 14, 2024 at 2:08 PM / Talkback News
EPSS

EPSS Score was set to: 0.09% (Percentile: 40.3%)

Nov 15, 2024 at 10:20 AM

Affected Systems

Ays-pro/chartify

Attack Patterns

CAPEC-193: PHP Remote File Inclusion

News

Critical - CVE-2024-10571 - The Chartify – WordPress Chart Plugin plugin...
The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it...
- CRITICAL - CVE-2024-10571 The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.
CVE-2024-10571
This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other "safe" file types can be uploaded and included. Severity 3.1 (CVSS 3.1 Base Score)
CVE-2024-10571 (CVSS 9.8): Critical Flaw in WordPress Chart Plugin Under Active Attack [app] [net]
The Chartify WordPress Chart Plugin is vulnerable to unauthenticated local file inclusion (CVE-2024-10571, CVSS 9.8), urging immediate updating to version 2.9.6 or newer to prevent malicious code execution and protect websites from attacks. Chartify WordPress Chart Plugin is vulnerable to unauthenticated local file inclusion, allowing attackers to execute malicious code on affected websites.
CVE-2024-10571 - Chartify WordPress Chart Plugin Local File Inclusion Vulnerability November 14, 2024 at 11:15AM https://ift.tt/tIhrZyb #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
