CRITICAL🇵🇱 Wersja polska

CVE-2024-27115

CVSS 10.0v4.0pub. 2024-09-11upd. 2024-09-18

A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability, an attacker can upload executable files that are moved to a publicly accessible folder before verifying any requirements. This leads to the possibility of execution of code on the underlying system when the file is triggered. The vulnerability has been remediated in version 1.52.02.

🤖 AI Analysis
How it works

The vulnerability results from a lack of verification requirements before transferring an uploaded file to a publicly accessible folder (CWE-434 — unrestricted upload of file with dangerous type). An attacker can send a malicious executable file directly to the application without authentication. The file is placed in a publicly accessible directory before any validation is performed. Then it is enough to call the URL pointing to this file to cause code execution on the server.

Impact

An attacker without any privileges can execute arbitrary code on the server hosting the SO Planning application, which in practice means complete takeover of the operating system and potentially other resources on the network.

Mitigation & patch

SO Planning should be updated to version 1.52.02 or newer, in which the vulnerability has been fixed by the vendor. As a temporary measure, it is worth considering restricting network access to the application only to trusted IP addresses.

Who is affected

SO Planning (Soplanning) in versions prior to 1.52.02

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:I/V:C/RE:M/U:Red
  • Soplanning

    APP
    Soplanning
    < 1.52.02
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-57169CRITICAL9.8PL ✓ten sam produkt

SOPlanning 1.53.00 — ominięcie ograniczeń przesyłania plików prowadzące do RCE

CVE-2024-9574CRITICAL9.8PL ✓ten sam produkt

SQL Injection w SOPlanning — dostęp do całej bazy danych

CVE-2024-27113CRITICAL9.3PL ✓ten sam produkt

IDOR w SO Planning umożliwia nieuwierzytelniony eksport bazy danych

CVE-2024-27112CRITICAL9.3PL ✓ten sam produkt

SQL Injection w SO Planning — dostęp do bazy bez uwierzytelnienia

CVE-2020-13963CRITICAL9.8ten sam produkt

SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related au...