CVE-2024-35373

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) (CWE-75)

Published: May 24, 2024 / Updated: 5mo ago

CVSS 9.8 (Critical) / No EPSS yet

Summary

Mocodo Mocodo Online versions 4.2.6 and earlier are vulnerable to remote code execution via the /web/rewrite.php file. An attacker can execute arbitrary code on the vulnerable system by sending a maliciously crafted request to this file.

Impact

This vulnerability could allow an attacker to fully compromise the vulnerable system and gain complete control over it. They could steal sensitive data, install malware, launch further attacks from the compromised system, etc. The impact is severe as it enables total system takeover. The vulnerability has a CVSS v3.1 base score of 9.8, indicating critical severity. It affects the confidentiality, integrity, and availability of the system, all with high impact.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation at the moment.

Patch

Upgrade to Mocodo Mocodo Online version 4.2.7 or later to address this vulnerability.

Mitigation

If upgrading is not immediately possible, apply the vendor-supplied workarounds/mitigations to reduce exposure until you can upgrade. As a temporary mitigation, restrict access to the /web/rewrite.php file.
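One way to check that the temporary restriction on /web/rewrite.php is actually effective, as an added example (not part of the original advisory or the Mocodo project): it scans access-log lines for requests that resolve to that path and separates denied requests from served ones. The common/combined log format, the set of "denied" status codes and the sample lines are assumptions.

```python
import posixpath
import re
from collections import Counter
from urllib.parse import unquote

TARGET = "/web/rewrite.php"     # path named in the advisory
DENIED = {"401", "403", "404"}  # assumption: statuses the restriction returns

# Common/combined log format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3})\b')


def hits_target(raw_target):
    """True if the request target resolves to .../web/rewrite.php."""
    path = unquote(raw_target.split("?", 1)[0])  # drop query, decode %xx
    # Normalise ./, ../ and repeated slashes; lowercase to stay conservative
    # on case-insensitive filesystems.
    path = posixpath.normpath("/" + path).lower()
    return path.endswith(TARGET)


def audit(lines):
    """Return (allowed, denied): per-client request counts for TARGET."""
    allowed, denied = Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if m is None:
            continue  # not an access-log line in the assumed format
        ip, _method, target, status = m.groups()
        if hits_target(target):
            (denied if status in DENIED else allowed)[ip] += 1
    return allowed, denied


# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [25/May/2024:10:00:01 +0000] "POST /web/rewrite.php HTTP/1.1" 200 512',
    '203.0.113.7 - - [25/May/2024:10:00:05 +0000] "POST /web/%72ewrite.php?a=1 HTTP/1.1" 200 498',
    '198.51.100.9 - - [25/May/2024:10:02:11 +0000] "GET /web/rewrite.php HTTP/1.1" 403 153',
    '192.0.2.4 - - [25/May/2024:10:03:40 +0000] "GET /index.php HTTP/1.1" 200 2048',
    '198.51.100.9 - - [25/May/2024:10:04:02 +0000] "POST /web/./rewrite.php HTTP/1.1" 200 301',
]

if __name__ == "__main__":
    allowed, denied = audit(SAMPLE)
    for ip, n in allowed.most_common():
        print(f"NOT BLOCKED: {ip} reached {TARGET} {n} time(s)")
    print(f"blocked clients: {dict(denied)}")
```

Any client listed as not blocked after the restriction is in place means the rule does not cover that request form (encoded or dot-segment paths are common gaps) and should be reviewed.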

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

May 24, 2024 at 9:15 PM: CVE Assignment. NVD published the first details for CVE-2024-35373.
May 24, 2024 at 9:24 PM: First Article. Feedly found the first article mentioning CVE-2024-35373 (National Vulnerability Database).
May 24, 2024 at 9:32 PM: CVSS Estimate. Feedly estimated the CVSS score as HIGH.
May 24, 2024 at 11:53 PM: Trending. This CVE started to trend in security discussions.
May 26, 2024 at 1:25 PM: Trending. This CVE stopped trending in security discussions.

Links to MITRE ATT&CK

T1070: Indicator Removal on Host

Attack Patterns

CAPEC-81: Web Logs Tampering

News

cveNotify: 🚨 CVE-2024-35373 Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php. 🎖@cveNotify
CVE-2024-35373 - Exploits & Severity - Feedly
Mocodo Mocodo Online versions 4.2.6 and earlier are vulnerable to remote code execution via the /web/rewrite.php file. There is no evidence of proof of exploitation at the moment.
CVE-2024-35373 | Mocodo up to 4.2.6 /web/rewrite.php Privilege Escalation
A vulnerability classified as critical was found in Mocodo up to 4.2.6. This vulnerability affects unknown code of the file /web/rewrite.php. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-35373. The attack can be initiated remotely. There is no exploit available.
CVE-2024-35373
Critical Severity Description Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php. Read more at https://www.tenable.com/cve/CVE-2024-35373
CVE-2024-35373
Mocodo Mocodo Online 4.2.6 and below is vulnerable to Remote Code Execution via /web/rewrite.php. CVE-2024-35373 originally published on CyberSecurityBoard

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
