CRITICAL🇵🇱 Wersja polska

CVE-2024-4825

CVSS 9.8v3.1pub. 2024-05-14upd. 2025-06-27

A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the server, compromising the entire infrastructure.

🤖 AI Analysis
How it works

The vulnerability results from lack of proper verification of the type and content of uploaded files in the '/media/api' parameter handled by POST request (CWE-434: Unrestricted Upload of File with Dangerous Type). An attacker, without needing any privileges, can send a POST request containing a malicious file (e.g. webshell or other executable payload) directly to the vulnerable endpoint. The server accepts and saves the uploaded file without verifying its potentially dangerous nature.

Impact

An attacker can place malicious executable files on the server, which in practice enables remote code execution (RCE) and complete takeover of the server and entire infrastructure on which the application runs.

Mitigation & patch

Apply patches available from the vendor according to the references. Additionally, it is recommended to restrict access to the '/media/api' endpoint at the firewall or network layer until the patch is deployed, as well as monitor the server for unauthorized files in publicly accessible directories.

Who is affected

Agentejo Cockpit CMS version 0.5.5

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Agentejo Cockpit

    APP
    Agentejo
    0.5.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-2818CRITICAL9.8ten sam produkt

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository cockpit-hq/cockpit p...

CVE-2022-2713CRITICAL9.8ten sam produkt

Insufficient Session Expiration in GitHub repository cockpit-hq/cockpit prior to 2.2.0.

CVE-2020-35131CRITICAL9.8ten sam produkt

Cockpit before 0.6.1 allows an attacker to inject custom PHP code and achieve Remote Command Execution via reg...

CVE-2020-35846CRITICAL9.8ten sam produkt

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.

CVE-2020-35847CRITICAL9.8ten sam produkt

Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function.