Platform: other
Component: allegra
Fixed in: 7.5.1
CVE-2023-51640 describes a Remote Code Execution (RCE) vulnerability discovered in Allegra. This flaw allows authenticated attackers to bypass authentication and execute arbitrary code on affected systems. The vulnerability impacts Allegra versions 7.5.0 build 29 and earlier. A fix is available in version 7.5.1.
The vulnerability lies in the extarctZippedFile method and stems from a lack of proper input validation when handling user-supplied file paths. Successful exploitation allows an attacker to execute code in the context of the LOCAL SERVICE account, granting significant control over the affected system. This could lead to data breaches, system compromise, and potential lateral movement within the network. The ability to bypass authentication significantly increases the risk, as it removes a common barrier to entry for attackers.
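The missing validation described above, shown as an added example that is not part of this advisory or of Allegra's code: every archive member name is resolved against the extraction directory and rejected if it is absolute or escapes via dot-dot segments before anything is written. It uses Python's standard zipfile module and a constructed sample archive with one benign member and three traversal attempts.

```python
# Added illustrative hardened extractor, not Allegra's code; sample names are constructed.
import io
import tempfile
import zipfile
from pathlib import Path

def contained_path(dest: Path, member_name: str):
    """Resolve a member's target path; return None if it is absolute or its
    '..' segments would land outside `dest` (the validation that was missing)."""
    name = member_name.replace("\\", "/")   # tolerate Windows-style separators
    if not name or Path(name).is_absolute():
        return None
    candidate = (dest / name).resolve()
    try:
        candidate.relative_to(dest.resolve())
    except ValueError:
        return None                          # resolved outside the destination
    return candidate

def safe_extract(zip_bytes: bytes, dest: Path):
    """Extract only contained members; return (extracted, rejected) member names."""
    extracted, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            target = contained_path(dest, info.filename)
            if target is None:
                rejected.append(info.filename)  # log for detection; never write it
                continue
            if info.is_dir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(zf.read(info))
            extracted.append(info.filename)
    return extracted, rejected

def build_sample_zip() -> bytes:
    """Constructed archive: one benign member and three traversal attempts."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "benign content")
        zf.writestr("../../outside.txt", "dot-dot traversal")
        zf.writestr("..\\..\\outside2.txt", "backslash traversal")
        zf.writestr("/tmp/absolute.txt", "absolute path entry")
    return buf.getvalue()

def demo():
    """Run the hardened extractor on the sample archive in a fresh temp directory."""
    return safe_extract(build_sample_zip(), Path(tempfile.mkdtemp()))
```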
This CVE was published on 2024-11-22. The vulnerability was initially reported as ZDI-CAN. Currently, there are no publicly available proof-of-concept exploits. The EPSS score is pending evaluation, but the RCE nature and authentication bypass potential suggest a medium to high probability of exploitation if a suitable exploit is developed and widely disseminated.
Exploit Status
EPSS: 1.32% (80th percentile)
CISA SSVC
CVSS Vector
The primary mitigation is to upgrade Allegra to version 7.5.1 or later, which contains the necessary fix. If immediate upgrading is not possible, consider implementing stricter access controls to limit who can interact with the extarctZippedFile functionality. Review and audit existing Allegra configurations to identify any potential misconfigurations that could exacerbate the risk. Monitor system logs for suspicious activity related to file extraction and execution. While a WAF may not directly prevent this vulnerability, it can be configured to detect and block malicious requests targeting the vulnerable endpoint.
Update Allegra to version 7.5.1 or later. This update fixes the directory traversal and remote code execution vulnerability.
CVE-2023-51640 is a Remote Code Execution vulnerability in Allegra, allowing attackers to execute arbitrary code by bypassing authentication due to insufficient path validation in the extarctZippedFile method.
You are affected if you are running Allegra versions 7.5.0 build 29 or earlier. Upgrade to 7.5.1 to mitigate the risk.
Upgrade Allegra to version 7.5.1 or later. If upgrading is not immediately possible, implement stricter access controls and monitor system logs.
Currently, there are no publicly known active exploitation campaigns, but the vulnerability's severity warrants proactive mitigation.
Refer to the Allegra vendor advisory for detailed information and updates regarding CVE-2023-51640.