FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial
FeedlyFeedly
CVEsCVEs
Threat IntelligenceThreat Intelligence
Threat IntelligenceThreat Intelligence
Log in
ChangelogChangelog
ChangelogChangelog
Log in
Log in
Start Free Trial
Start Free Trial

Exploit
CVE-2024-9038

Unrestricted Upload of File with Dangerous Type (CWE-434)

Published: Sep 20, 2024 / Updated: 2mo ago

010
CVSS 5.3EPSS 0.05%Medium
CVE info copied to clipboard

Summary

A problematic vulnerability has been discovered in Codezips Online Shopping Portal version 1.0. The vulnerability affects an unknown functionality in the file insert-product.php. By manipulating the arguments productimage1, productimage2, or productimage3, an attacker can perform an unrestricted upload attack. This vulnerability can be exploited remotely, and a public exploit is available.

Impact

This vulnerability allows for unrestricted file upload, which can have severe consequences. An attacker could potentially upload malicious files, leading to remote code execution, defacement of the website, or compromise of the server hosting the application. Given the CVSS v3.1 base score of 9.8 (Critical), the impact on confidentiality, integrity, and availability is considered HIGH. The attack vector is through the network, requires no user interaction, and can be executed without any privileges, making it particularly dangerous.

Exploitation

One proof-of-concept exploit is available on github.com. There is no evidence of proof of exploitation at the moment.

Patch

As of the latest information provided, there is no mention of an available patch for this vulnerability in Codezips Online Shopping Portal 1.0. Users of this software should be on high alert and consider alternative mitigation strategies until a patch is released.

Mitigation

Given the severity and the lack of a patch, immediate action is recommended: 1. Temporarily disable file upload functionality in the affected file (insert-product.php) if possible. 2. Implement strict file type and size restrictions on uploads. 3. Use a web application firewall (WAF) to filter potentially malicious uploads. 4. Monitor system logs for any suspicious upload activities. 5. Consider isolating the affected system to minimize potential damage. 6. Keep an eye out for any patches or updates from Codezips and apply them immediately when available. 7. If feasible, consider switching to a more secure alternative until this vulnerability is addressed.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

First Article

Feedly found the first article mentioning CVE-2024-9038. See article

Sep 20, 2024 at 4:13 PM / CVE
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Sep 20, 2024 at 4:14 PM
CVE Assignment

NVD published the first details for CVE-2024-9038

Sep 20, 2024 at 4:15 PM
CVSS

A CVSS base score of 4.3 has been assigned.

Sep 20, 2024 at 4:20 PM / nvd
EPSS

EPSS Score was set to: 0.05% (Percentile: 16.3%)

Sep 21, 2024 at 9:28 AM
CVSS

A CVSS base score of 9.8 has been assigned.

Sep 27, 2024 at 4:15 PM / nvd
Proof of Concept (PoC) Released

A proof of concept exploit has been released

Sep 27, 2024 at 7:12 PM
Static CVE Timeline Graph

Affected Systems

Codezips/online_shopping_portal
+null more

Exploits

https://github.com/L1OudFd8cl09/CVE/blob/main/20_09_2024_b.md
+null more

Links to Mitre Att&cks

T1574.010: Services File Permissions Weakness
+null more

Attack Patterns

CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
+null more

News

CVE-2024-9038 Exploit
inTheWild.io Exploits / 53d
CVE Id : CVE-2024-9038 Published Date: 2024-09-27T16:11:00+00:00 A vulnerability classified as problematic was found in Codezips Online Shopping Portal 1.0. Affected by this vulnerability is an unknown functionality of the file insert-product.php. The manipulation of the argument productimage1/productimage2/productimage3 leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. inTheWild added a link to an exploit: https://github.com/L1OudFd8cl09/CVE/blob/main/20_09_2024_b.md
Update Sun Sep 22 14:37:56 UTC 2024
Recent Commits to cve:main / 58d
Update Sun Sep 22 14:37:56 UTC 2024
CVE Alert: CVE-2024-9038
RedPacket Security / 59d
Affected by this vulnerability is an unknown functionality of the file insert-product.php. Affected Endpoints:
CVE-2024-9038
Newest CVEs from Tenable / 2mo
Medium Severity Description A vulnerability classified as problematic was found in Codezips Online Shopping Portal 1.0. Affected by this vulnerability is an unknown functionality of the file insert-product.php. The manipulation of the argument productimage1/productimage2/productimage3 leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Read more at https://www.tenable.com/cve/CVE-2024-9038
CVE-2024-9038
INCIBE-CERT - Vulnerabilities RSS / 2mo
Gravedad 3.1 (CVSS 3.1 Base Score) A vulnerability classified as problematic was found in Codezips Online Shopping Portal 1.0.
See 9 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:None
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

CVSS 9.8(27010)CWE-434(2743)Codezips(38)

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence30-day free trial