#VU103655 Path traversal in VeraCore - CVE-2024-57968


Vulnerability identifier: #VU103655

Vulnerability risk: High

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2024-57968

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
VeraCore
Web applications / Other software

Vendor: Advantive

Description

The vulnerability allows a remote authenticated user to write uploaded files to arbitrary locations on the system.

The vulnerability exists due to an input validation error when processing file uploads in /VeraCore/OMS/upload.aspx: the client-supplied file path is not confined to the intended upload directory (CWE-22). A remote authenticated user can send a specially crafted HTTP POST request and place a file at an arbitrary location on the system.

Note, the vulnerability is being actively exploited in the wild.
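The following is an added illustration of the CWE-22 pattern behind this advisory and of the check that closes it; it is not VeraCore's code (the real upload.aspx handler is not public), and the upload directory, file names and helper names are assumptions. naive_target() shows how joining a client-controlled path onto the upload directory lets "..", absolute paths or a drive letter steer the write anywhere the application account can reach; safe_target() accepts a bare file name only and then proves the canonical result is still inside the upload root.

```python
"""Path-confinement check for a file-upload handler (CWE-22).

Added example, not VeraCore's code. UPLOAD_ROOT, the file names and the
helper names are assumptions made for illustration.
"""
import posixpath
import re

UPLOAD_ROOT = "/srv/veracore/uploads"  # assumed upload directory


class UploadRejected(ValueError):
    """Raised when a client-supplied file name cannot be stored safely."""


def naive_target(upload_root: str, client_path: str) -> str:
    """Vulnerable pattern: the client-controlled value is joined onto the
    upload directory as-is. '..' segments walk out of upload_root and
    normpath() collapses them into a path anywhere on disk."""
    return posixpath.normpath(posixpath.join(upload_root, client_path))


_DRIVE_PREFIX = re.compile(r"^[A-Za-z]:")  # Windows drive-relative names


def safe_target(upload_root: str, client_name: str) -> str:
    """Hardened pattern: accept a bare file name only, then verify that the
    resolved path is still inside upload_root before it is used."""
    if "\x00" in client_name:
        raise UploadRejected("NUL byte in file name")
    # The product runs under IIS on Windows, where '\\' is also a path
    # separator; fold it to '/' so the checks below cannot be bypassed
    # with back-slashes.
    name = client_name.replace("\\", "/")
    if _DRIVE_PREFIX.match(name):
        raise UploadRejected("drive letter not allowed")
    # A bare file name has no separators at all; anything else (relative
    # traversal or an absolute path) is rejected rather than silently
    # stripped, so the attempt is visible to logging.
    if posixpath.basename(name) != name:
        raise UploadRejected("path separators not allowed in file name")
    if name in ("", ".", ".."):
        raise UploadRejected("empty or dot file name")
    root = posixpath.normpath(upload_root)
    target = posixpath.normpath(posixpath.join(root, name))
    # Defence in depth: even if a check above is later relaxed, refuse any
    # result whose canonical form escapes the upload directory.
    if posixpath.commonpath([root, target]) != root:
        raise UploadRejected("resolved path escapes upload directory")
    return target


def classify(upload_root: str, client_name: str):
    """Wrapper for tests and logging: (accepted, stored_path_or_reason)."""
    try:
        return True, safe_target(upload_root, client_name)
    except UploadRejected as exc:
        return False, str(exc)


if __name__ == "__main__":
    # Constructed sample inputs; the traversal one shows the naive join
    # landing outside the upload directory.
    for sample in ("report.pdf", "../../../etc/notes.txt", "..\\..\\notes.txt",
                   "C:notes.txt", "/srv/veracore/uploads/x.txt"):
        print(repr(sample), "naive ->", naive_target(UPLOAD_ROOT, sample),
              "| safe ->", classify(UPLOAD_ROOT, sample))
```

The same idea applies to the real handler whatever its language: derive the stored name from the client value with the platform's basename function, reject rather than strip anything that still contains a separator, and keep a final containment check on the canonical path as a guard against future regressions.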

Mitigation
Install updates from the vendor's website (see the VeraCore 2024.4.2.1 release notes linked below).

Vulnerable software versions

VeraCore: 02/08/2024 - 2024.4.2


External links
https://advantive.my.site.com/support/s/article/VeraCore-Release-Notes-2024-4-2-1
https://intezer.com/blog/research/xe-group-exploiting-zero-days/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware that exploits this vulnerability?

