CVE-2024-5581 is a Remote Code Execution (RCE) vulnerability affecting Allegra versions 7.5.1.9 through 7.5.1.9. This flaw allows authenticated attackers to execute arbitrary code on vulnerable systems. The vulnerability stems from insufficient input validation within the unzipFile method. A fix is available in Allegra version 7.5.2.
Successful exploitation of CVE-2024-5581 allows an attacker to execute arbitrary code on the affected Allegra installation with LOCAL SERVICE privileges. This could lead to complete system compromise, data exfiltration, or the installation of malicious software. The attacker would need to authenticate to the system first. The impact is significant due to the potential for remote code execution, enabling attackers to gain control over the system and potentially pivot to other systems on the network.
This vulnerability was reported to ZDI (ZDI-CAN-23453) and subsequently disclosed on 2024-11-22. The vulnerability requires authentication, which may limit its immediate exploitability. Public proof-of-concept (PoC) code is not currently available, but the relatively straightforward nature of the vulnerability suggests that a PoC may emerge. Its inclusion in the NVD indicates a potential for broader exploitation.
EPSS: 9.35% (93rd percentile)
The primary mitigation for CVE-2024-5581 is to upgrade Allegra to version 7.5.2 or later, which contains the fix for this vulnerability. If immediate upgrading is not possible, consider restricting access to the unzipFile functionality or implementing strict input validation on the user-supplied path. Monitor system logs for any suspicious activity related to file operations or unexpected process executions. After upgrading, confirm the fix by attempting to trigger the vulnerability with a crafted zip file and verifying that the operation fails with an appropriate error message.
Upgrade Allegra to version 7.5.2 or later. This version fixes the directory traversal vulnerability in the unzipFile method. The upgrade will mitigate the risk of remote code execution.
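The kind of path validation the mitigation guidance above refers to, as an added example (not Allegra's code and not part of the original advisory): each zip entry name is resolved against the extraction directory using Windows path rules, and entries that resolve outside it are flagged before anything is written. The extraction root, the function names and the sample archive are assumptions constructed for illustration.

```python
import io
import ntpath  # Windows path semantics, usable on any host OS
import zipfile

# Hypothetical extraction directory; the advisory does not name the real one.
ROOT = r"C:\allegra\tmp\unzip"

# Constructed sample entry names: two benign, three that leave the root.
SAMPLE_NAMES = [
    "docs/readme.txt",
    "docs/../notes.txt",      # contains ".." but still resolves inside the root
    "../../outside.txt",      # climbs out with forward slashes
    "..\\..\\outside.txt",    # same, with Windows separators
    "C:/other/abs.txt",       # absolute path replaces the root entirely
]


def is_contained(root: str, entry_name: str) -> bool:
    """True if entry_name, joined to root, still resolves strictly below root."""
    root = ntpath.normpath(root)
    # join() drops root when entry_name is absolute or carries a drive letter,
    # which is exactly the behaviour a naive unzip routine inherits.
    target = ntpath.normpath(ntpath.join(root, entry_name))
    # Compare with a trailing separator so "unzip2" does not match "unzip".
    prefix = ntpath.normcase(root) + "\\"
    return ntpath.normcase(target).startswith(prefix)


def escaping_entries(zip_bytes: bytes, root: str = ROOT) -> list:
    """Return the names of archive entries that would be written outside root."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [i.filename for i in zf.infolist()
                if not is_contained(root, i.filename)]


def build_sample_archive() -> bytes:
    """Build the constructed test archive in memory (nothing touches disk)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in SAMPLE_NAMES:
            zf.writestr(name, b"constructed test data")
    return buf.getvalue()


if __name__ == "__main__":
    for name in escaping_entries(build_sample_archive()):
        print("rejected:", name)
```

An extraction routine should reject the whole archive when this list is non-empty rather than skip individual entries, so a partially extracted upload is never left behind.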
CVE-2024-5581 is a Remote Code Execution vulnerability in Allegra versions 7.5.1.9–7.5.1.9, allowing authenticated attackers to execute arbitrary code due to insufficient path validation in the unzipFile method.
You are affected if you are running Allegra versions 7.5.1.9 through 7.5.1.9. Check your Allegra version and upgrade if necessary.
Upgrade Allegra to version 7.5.2 or later to resolve this vulnerability. If upgrading is not immediately possible, restrict access to the unzipFile functionality.
While active exploitation is not currently confirmed, the vulnerability's nature suggests a potential for exploitation, and monitoring is recommended.
Refer to the Allegra security advisory for detailed information and updates regarding CVE-2024-5581.