Exploit
CVE-2024-7438

Improper Control of Resource Identifiers ('Resource Injection') (CWE-99)

Published: Aug 3, 2024 / Updated: 3mo ago

CVSS 5.3 / EPSS 0.05% / Medium

Summary

A vulnerability has been discovered in SimpleMachines SMF 2.1.4, in the User Alert Read Status Handler component. The affected endpoint is /index.php?action=profile;u=2;area=showalerts;do=read. The issue stems from improper control of resource identifiers: manipulating the 'aid' argument can lead to exploitation. The vulnerability can be exploited remotely and has been publicly disclosed.

Impact

The vulnerability allows for remote exploitation and has a low integrity impact. While there is no direct impact on confidentiality or availability, the ability to manipulate resource identifiers could potentially lead to unauthorized access to user alerts or other resources. This could result in information disclosure or unauthorized modifications to user data, depending on how the 'aid' parameter is used within the application.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

As of the latest information provided, no patch has been explicitly mentioned. The vulnerability disclosure notes that the vendor (SimpleMachines) was contacted early about this issue but did not respond in any way. Therefore, it's likely that an official patch is not yet available.

Mitigation

Given the lack of an official patch, consider the following mitigation strategies:

1. Implement strict input validation for the 'aid' parameter in the affected file.
2. Apply access controls to limit who can access the User Alert Read Status Handler functionality.
3. Monitor and log access to the affected endpoint for any suspicious activity.
4. Consider temporarily disabling the affected functionality if it's not critical to operations.
5. Keep the SimpleMachines SMF software updated to the latest version, as a patch may be released in the future.
6. Implement web application firewall (WAF) rules to filter potentially malicious requests to the affected endpoint.
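One way to combine the endpoint monitoring and the 'aid' format check from the list above, as an added example that is not part of the original advisory or of SMF's code. It assumes combined-log-format access logs, that 'aid' is sent in the query string, and that a valid alert id is a positive integer; the function names, the threshold and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Assumption: the web server writes combined-log-format lines.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')
# Parameters that identify the endpoint named in the advisory.
WATCHED = {"action": "profile", "area": "showalerts", "do": "read"}
# Assumption: a valid alert id is a positive integer of at most 10 digits.
VALID_AID = re.compile(r"[1-9]\d{0,9}")

def parse_params(url):
    """Parse an SMF-style query string, where ';' separates pairs as well as '&'."""
    params = {}
    for pair in re.split(r"[;&]", urlsplit(url).query):
        key, _, value = pair.partition("=")
        if key:
            params[unquote(key)] = unquote(value)
    return params

def audit(lines, max_distinct=3):
    """Return (client, reason, detail) findings for requests to the watched endpoint."""
    findings, seen = [], defaultdict(set)
    for line in lines:
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, url = match.groups()
        params = parse_params(url)
        if any(params.get(k) != v for k, v in WATCHED.items()) or "aid" not in params:
            continue
        if not VALID_AID.fullmatch(params["aid"]):
            findings.append((client, "malformed aid", params["aid"]))
        else:
            seen[client].add(params["aid"])
    # Hypothetical threshold: tune max_distinct to normal usage on your forum.
    for client, aids in seen.items():
        if len(aids) > max_distinct:
            findings.append((client, "many distinct aid values", str(len(aids))))
    return findings

def _line(ip, query):  # builds one constructed log line
    return f'{ip} - - [03/Aug/2024:16:00:00 +0000] "GET /index.php?{query} HTTP/1.1" 200 512'
BASE = "action=profile;u=2;area=showalerts;do=read"  # constructed sample input follows
SAMPLE_LOG = [_line("203.0.113.5", f"{BASE};aid=17"), _line("198.51.100.9", f"{BASE};aid=17x"),
              _line("198.51.100.9", "action=profile;u=2;area=summary")]
SAMPLE_LOG += [_line("192.0.2.44", f"{BASE};aid={n}") for n in range(1, 5)]

if __name__ == "__main__":
    print(*audit(SAMPLE_LOG), sep="\n")
```

Requests whose 'aid' is carried in a POST body do not appear in access logs, so the same check would have to run in the application or at a WAF to cover them.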

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

First Article

Feedly found the first article mentioning CVE-2024-7438.

Aug 3, 2024 at 3:37 PM / CVE

CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Aug 3, 2024 at 3:38 PM

CVE Assignment

NVD published the first details for CVE-2024-7438

Aug 3, 2024 at 4:15 PM

CVSS

A CVSS base score of 4.3 has been assigned.

Aug 3, 2024 at 4:20 PM / nvd

EPSS

EPSS Score was set to: 0.05% (Percentile: 16.3%)

Aug 6, 2024 at 10:12 AM

Proof of Concept (PoC) Released

A proof of concept exploit has been released

Sep 11, 2024 at 5:10 PM

CVSS

A CVSS base score of 4.3 has been assigned.

Oct 28, 2024 at 9:11 PM / nvd

Affected Systems

Simplemachines/simple_machines_forum

Exploits

https://github.com/Fewword/Poc/blob/main/smf/smf-poc2.md

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables
