Platform: php
Component: mautic/core
Fixed in: 5.2.4, 5.2.3
CVE-2024-47051 represents a critical Remote Code Execution (RCE) vulnerability discovered in Mautic Core versions prior to 5.2.3. This flaw allows authenticated users to bypass file extension restrictions and upload executable files, potentially granting attackers complete control over the system. The vulnerability impacts Mautic Core versions 5.2.2 and earlier, and a patch is available in version 5.2.3.
The primary impact of CVE-2024-47051 is the potential for Remote Code Execution. An attacker, once authenticated within the Mautic environment, can leverage the flawed asset upload functionality to upload and execute arbitrary PHP code. This could lead to complete system compromise, including data exfiltration, modification of Mautic configurations, and even the installation of backdoors. The attacker could potentially pivot from the Mautic server to other systems within the network, depending on the server's configuration and access privileges. This vulnerability shares similarities with other file upload vulnerabilities where insufficient validation allows for the execution of malicious code.
CVE-2024-47051 was publicly disclosed on 2025-02-26. The vulnerability's criticality and ease of exploitation suggest a medium probability of exploitation (EPSS score likely medium). Public proof-of-concept (PoC) code is likely to emerge, increasing the risk of exploitation. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting Mautic installations.
Exploit Status
EPSS: 0.74% (73rd percentile)
CISA SSVC
CVSS Vector
The most effective mitigation for CVE-2024-47051 is to immediately upgrade Mautic Core to version 5.2.3 or later. If an immediate upgrade is not feasible, consider implementing temporary workarounds. Strictly enforce file extension whitelisting in the asset upload functionality, rejecting any files with potentially executable extensions. Implement a Web Application Firewall (WAF) with rules to detect and block suspicious file uploads. Review and restrict file upload permissions to the minimum necessary. After upgrading, confirm the vulnerability is resolved by attempting to upload a test file with a known malicious extension and verifying that it is rejected.
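The following is an added example of the strict extension allowlisting described above; it is not Mautic's own upload code. It goes slightly beyond the text by checking every extension segment of the name rather than only the last one, since some web server configurations still route a name such as `report.php.jpg` to the PHP interpreter. The allowlist and the sample file names are constructed for the example.

```php
<?php
declare(strict_types=1);
/**
 * Allowlist check for an uploaded asset's file name.
 * Every extension segment is checked, not only the last one, so a name
 * like "report.php.jpg" is rejected: some web server configurations still
 * route such multi-extension names to the PHP interpreter.
 */
function isAllowedAssetFilename(string $filename, array $allowed): bool
{
    // Reject control characters first; a NUL byte could truncate the name
    // later in the pipeline and change which extension is acted on.
    if ($filename === '' || preg_match('/[\x00-\x1F\x7F]/', $filename)) {
        return false;
    }

    // Drop any directory part so path separators cannot smuggle a
    // different name past the check.
    $base = basename(str_replace('\\', '/', $filename));

    $segments = explode('.', $base);
    if (count($segments) < 2) {
        return false;          // no extension at all
    }
    array_shift($segments);    // drop the stem, keep extension segments

    foreach ($segments as $segment) {
        if ($segment === '' || !in_array(strtolower($segment), $allowed, true)) {
            return false;      // empty segment ("file..jpg") or not allowlisted
        }
    }
    return true;
}
// Allowlist used by this example (constructed; tailor it to your deployment).
$allowed = ['pdf', 'png', 'jpg', 'jpeg', 'gif', 'csv', 'txt'];

// Constructed sample names and the verdict each should receive.
$samples = [
    'brochure.pdf'     => true,
    'logo.PNG'         => true,   // case-insensitive match
    'report.php'       => false,  // executable extension
    'report.php.jpg'   => false,  // double extension
    'photo.phtml'      => false,  // alternate PHP handler extension
    "image.php\0.jpg"  => false,  // embedded NUL byte
    '../../index.php'  => false,  // path stripped, then rejected
];
foreach ($samples as $name => $expected) {
    $verdict = isAllowedAssetFilename($name, $allowed) === $expected ? 'ok' : 'MISMATCH';
    printf("%-20s %s\n", addcslashes($name, "\0"), $verdict);
}
```

The same check can be used after upgrading to confirm the fix: a harmless test file carrying a disallowed extension must be rejected at upload time.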
Update Mautic to version 5.2.3 or later. This version contains the security fixes necessary to mitigate the remote code execution and file deletion vulnerabilities via path traversal. It is recommended to perform the update as soon as possible to protect your system.
CVE-2024-47051 is a critical Remote Code Execution vulnerability in Mautic Core versions before 5.2.3, allowing authenticated users to upload and execute malicious PHP scripts.
Yes, if you are running Mautic Core versions 5.2.2 or earlier, you are vulnerable to this RCE vulnerability.
Upgrade Mautic Core to version 5.2.3 or later to patch this vulnerability. Implement temporary workarounds like strict file extension whitelisting if an immediate upgrade is not possible.
While no active exploitation has been confirmed, the vulnerability's criticality and ease of exploitation suggest a medium probability of exploitation.
Refer to the official Mautic security advisory for detailed information and updates: [https://www.mautic.org/security-advisories](https://www.mautic.org/security-advisories)