CVE-2024-37149
External Control of File Name or Path (CWE-73)
Published: Jul 10, 2024 / Updated: 4mo ago
010
CVSS 7.2EPSS 0.04%High
CVE info copied to clipboard
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Timeline
First Article
Feedly found the first article mentioning CVE-2024-37149. See article
Jul 3, 2024 at 9:20 AM / Release notes from glpi
CVSS Estimate
Feedly estimated the CVSS score as HIGH
Jul 10, 2024 at 7:34 PM
CVE Assignment
NVD published the first details for CVE-2024-37149
Jul 10, 2024 at 8:15 PM
CVSS
A CVSS base score of 7.2 has been assigned.
Jul 10, 2024 at 8:20 PM / nvd
EPSS
EPSS Score was set to: 0.04% (Percentile: 9.3%)
Jul 11, 2024 at 1:11 PM
Detection in Vulnerability Scanners
Detection for the vulnerability has been added to Qualys (691579)
Jul 29, 2024 at 7:53 AM
Affected Systems
Glpi-project/glpi
+null more
Links to Mitre Att&cks
T1562.003: Impair Command History Logging
+null more
Attack Patterns
CAPEC-13: Subverting Environment Variable Values
+null more
News
From a GLPI patch bypass to RCE
In this post I will describe how I found a patch bypass to re-exploit a SQL injection vulnerability (previously found by brent-hopkins ), along with how to take it further to achieve RCE on a vulnerable GLPI instance. However, it is not possible to poison this variable anymore, so we need to update this value in the database directly as shown in the Session::init method, and the savedsearches_pinned field will help us get there.
US-CERT Vulnerability Summary for the Week of July 8, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available. Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores: High : vulnerabilities with a CVSS base score of 7.0–10.0 Medium : vulnerabilities with a CVSS base score of 4.0–6.9 Low : vulnerabilities with a CVSS base score of 0.0–3.9 Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links.
CVE-2024-37149
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16. CVE-2024-37149 originally published on CyberSecurityBoard
NA - CVE-2024-37149 - GLPI is an open-source asset and IT management...
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a...
cveNotify : 🚨 CVE-2024-37149GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16.🎖@cveNotify
cveNotify : 🚨 CVE-2024-37149GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16.🎖@cveNotify
See 9 more articles and social media posts