Unrestricted Upload of File with Dangerous Type (CWE-434)
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server.
This vulnerability allows attackers to execute arbitrary code on the remote server, potentially leading to complete system compromise. The attacker can gain unauthorized access to sensitive data, modify or delete information, and potentially use the compromised server as a launching point for further attacks within the network. Given the high impact on confidentiality, integrity, and availability, this vulnerability poses a severe risk to the affected systems.
There is no evidence that a public proof-of-concept exists, and no evidence of exploitation in the wild at the moment.
A patch is available. The vulnerability affects Enterprise Cloud Database versions prior to the update released on 2024-08-08.
1. Update Enterprise Cloud Database from Ragic to the version released on or after 2024-08-08.
2. Implement strict file type validation for all file uploads.
3. Use a web application firewall (WAF) to filter potentially malicious file uploads.
4. Implement least privilege principles to limit the potential impact of successful attacks.
5. Regularly monitor and audit file upload activities for any suspicious behavior.
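The second mitigation (strict file type validation) is the one that directly closes CWE-434, and it is worth being precise about what "strict" means. The following is an added, self-contained example written for this page; it is not Ragic's code and does not describe how Enterprise Cloud Database performs validation. The names (`validate_upload`, `safe_extension`, `ALLOWED_TYPES`, `MAX_UPLOAD_BYTES`), the accepted types and the sample uploads are all constructed for illustration. It shows the combination a defender wants: an allowlist of extensions (not a denylist of "dangerous" ones), a declared Content-Type that must agree with the extension, magic-byte verification that the body really is that type, a size cap, and a server-chosen random storage name so the client-supplied filename never reaches the filesystem.

```python
import os
import secrets
from dataclasses import dataclass

# Size cap in bytes (constructed value; tune per application).
MAX_UPLOAD_BYTES = 5 * 1024 * 1024

# Allowlist: extension -> (accepted MIME types, magic-byte prefixes).
# Only the file kinds the application needs are listed; everything else is
# rejected. A denylist of "dangerous" extensions is the approach that fails.
ALLOWED_TYPES = {
    "png": ({"image/png"}, (b"\x89PNG\r\n\x1a\n",)),
    "jpg": ({"image/jpeg"}, (b"\xff\xd8\xff",)),
    "jpeg": ({"image/jpeg"}, (b"\xff\xd8\xff",)),
    "pdf": ({"application/pdf"}, (b"%PDF-",)),
}


@dataclass
class UploadDecision:
    accepted: bool
    reason: str
    stored_name: str = ""  # server-chosen name, never the client's


def safe_extension(filename: str) -> str:
    """Return the lower-cased final suffix of the final path component.

    Directory parts and every suffix but the last are discarded, so
    "x/../../shell.php" is judged as "shell.php" and "shell.php.png" as
    "png" (which then has to pass the magic-byte check as a real PNG).
    """
    base = os.path.basename(filename.replace("\\", "/"))
    head, dot, ext = base.rpartition(".")
    if not dot or not head:
        return ""  # no suffix, or a dotfile such as ".htaccess"
    return ext.lower()


def validate_upload(filename: str, content_type: str, data: bytes) -> UploadDecision:
    """Decide whether an upload may be stored, and under what server-side name."""
    if len(data) > MAX_UPLOAD_BYTES:
        return UploadDecision(False, "file too large")

    ext = safe_extension(filename)
    if ext not in ALLOWED_TYPES:
        return UploadDecision(False, "extension not in allowlist")

    allowed_mimes, magics = ALLOWED_TYPES[ext]
    declared = content_type.split(";", 1)[0].strip().lower()
    if declared not in allowed_mimes:
        return UploadDecision(False, "declared content type does not match extension")

    # The client controls both the filename and the Content-Type header; the
    # bytes are the only thing worth trusting, so require the type's magic prefix.
    if not any(data.startswith(m) for m in magics):
        return UploadDecision(False, "content does not match declared type")

    # Random name plus the validated extension. The file should also be written
    # to a directory that is not served with script execution enabled.
    stored = f"{secrets.token_hex(16)}.{ext}"
    return UploadDecision(True, "accepted", stored)


# Constructed sample uploads (not real traffic): (filename, Content-Type, body).
SAMPLE_UPLOADS = [
    ("photo.png", "image/png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 32),
    ("shell.php", "image/png", b"<?php echo 'placeholder'; ?>"),
    ("shell.php.png", "image/png", b"<?php echo 'placeholder'; ?>"),
    ("../../shell.jsp", "application/pdf", b"%PDF-1.4 placeholder"),
    ("pic.png", "image/png", b"\xff\xd8\xff\xe0 jpeg bytes"),
]


def run_samples() -> dict:
    """Map each sample filename to the validator's decision reason."""
    return {name: validate_upload(name, ctype, body).reason
            for name, ctype, body in SAMPLE_UPLOADS}


if __name__ == "__main__":
    for name, reason in run_samples().items():
        print(f"{name:20s} -> {reason}")
```

Only the first sample is accepted. The double-extension and traversal names are rejected without ever being used as a path, a PHP body wearing a `.png` name fails the magic-byte check, and a JPEG body under a `.png` name is refused because the bytes do not agree with the extension. For auditing (mitigation 5), logging the rejection reason together with the authenticated user gives a useful signal for repeated attempts to slip executable content past the check.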
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD published the first details for CVE-2024-9985
Feedly found the first article mentioning CVE-2024-9985.
Feedly estimated the CVSS score as HIGH
EPSS Score was set to: 0.09% (Percentile: 39.8%)
A CVSS base score of 9.8 has been assigned.