Score: 8.9
CWE: 77, 502, 434

CVE-2024-24551: Bludit - Remote Code Execution (RCE) through Image API

First published: Mon Jun 24 2024

A security vulnerability has been identified in Bludit, allowing authenticated attackers to execute arbitrary code through the Image API. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files.

Credit: vulnerability@ncsc.ch

Affected software: Bludit

Remedy

1. Remove the tmp folder from the web root: relocate the temporary file directory outside the web root so that staged uploads can never be requested (and therefore never executed) through the web server.
2. Remove files from the tmp folder even on negative checks: implement a cleanup step that removes the staged file from the temporary folder regardless of whether the file extension check passes or fails, so a rejected upload is never left behind.
3. Consolidate the image upload code for AJAX requests: note that there is separate code for handling image uploads over AJAX (not through the API) under `bl-kernel/ajax/profile-picture-upload.php`. This code is similar to, but different from, the API image upload code; for instance, the AJAX code includes MIME type validation as an additional layer of security. Consolidating the upload handling in a single location makes it easier to maintain and keeps the checks consistent across different parts of the application.
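The following handler is an added illustration of the three remedy points together (staging outside the web root, unconditional cleanup on rejection, and content-based MIME validation). It is not Bludit's code; the function name `handleImageUpload`, the extension/MIME allow-list and the directory parameters are assumptions for the example, and it is meant to run inside a PHP request handler (it relies on `is_uploaded_file`/`move_uploaded_file` semantics).

```php
<?php
declare(strict_types=1);

// Hypothetical hardened image-upload handler (example code, not Bludit's own).
// Extension => expected content MIME type. Only image types are accepted.
const ALLOWED_IMAGE_TYPES = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
];

/**
 * @param array  $file      one entry of $_FILES: ['name' => ..., 'tmp_name' => ..., 'error' => ...]
 * @param string $tmpDir    staging directory OUTSIDE the web root (remedy 1)
 * @param string $uploadDir final image directory that the web server serves
 * @return string|null      path of the stored image, or null if the upload was rejected
 */
function handleImageUpload(array $file, string $tmpDir, string $uploadDir): ?string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }

    // Stage under a random name with NO extension: even if the staging
    // directory were ever reachable, the server would not execute it.
    $staged = rtrim($tmpDir, '/') . '/' . bin2hex(random_bytes(16));
    if (!move_uploaded_file($file['tmp_name'], $staged)) {
        return null;
    }

    try {
        // Check 1: extension allow-list on the client-supplied name.
        $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
        if (!isset(ALLOWED_IMAGE_TYPES[$ext])) {
            return null; // finally{} removes the staged file (remedy 2)
        }

        // Check 2: MIME type derived from the file CONTENT, not from the
        // client's Content-Type header, and it must match the extension (remedy 3).
        $finfo = finfo_open(FILEINFO_MIME_TYPE);
        $mime  = finfo_file($finfo, $staged);
        finfo_close($finfo);
        if ($mime !== ALLOWED_IMAGE_TYPES[$ext]) {
            return null;
        }

        // Check 3: the bytes must actually decode as an image.
        if (@getimagesize($staged) === false) {
            return null;
        }

        // Store under a server-generated name with the validated extension;
        // the original filename never reaches the filesystem.
        $dest = rtrim($uploadDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
        if (!rename($staged, $dest)) {
            return null;
        }
        return $dest;
    } finally {
        // Runs on every exit path, including each rejection above: a staged
        // upload is never left behind (remedy 2). After a successful rename
        // the staged path no longer exists, so this is a no-op.
        if (is_file($staged)) {
            unlink($staged);
        }
    }
}
```

Design note: the checks are ordered cheapest first, but the `finally` block is what makes the ordering safe to change; whichever check rejects the file, the staged copy is removed. Keeping a single function of this shape and calling it from both the API and the AJAX path is the consolidation the third remedy point asks for.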


Frequently Asked Questions

  • What is the severity of CVE-2024-24551?

    CVE-2024-24551 is considered a high severity vulnerability due to the potential for authenticated attackers to execute arbitrary code.

  • How do I fix CVE-2024-24551?

    To fix CVE-2024-24551, update Bludit to the latest version that addresses the file upload handling issue.

  • Who is affected by CVE-2024-24551?

    CVE-2024-24551 affects installations of Bludit that allow file uploads via the Image API.

  • What can attackers do with CVE-2024-24551?

    Attackers can upload and execute malicious PHP files on the server due to improper file handling in Bludit's Image API.

  • Is there a workaround for CVE-2024-24551?

    A temporary workaround for CVE-2024-24551 includes disabling file uploads until the software is updated.
