What is CVE-2024-47051 — RCE in Mautic Core?

CVE-2024-47051 is a critical Remote Code Execution vulnerability in Mautic Core versions before 5.2.3, allowing authenticated users to upload and execute malicious PHP scripts.

Am I affected by CVE-2024-47051 in Mautic Core?

Yes, if you are running Mautic Core versions 5.2.2 or earlier, you are vulnerable to this RCE vulnerability.

How do I fix CVE-2024-47051 in Mautic Core?

Upgrade Mautic Core to version 5.2.3 or later to patch this vulnerability. Implement temporary workarounds like strict file extension whitelisting if an immediate upgrade is not possible.

Is CVE-2024-47051 being actively exploited?

While no active exploitation has been confirmed, the vulnerability's criticality and ease of exploitation suggest a medium probability of exploitation.

Where can I find the official Mautic advisory for CVE-2024-47051?

Refer to the official Mautic security advisory for detailed information and updates: [https://www.mautic.org/security-advisories](https://www.mautic.org/security-advisories)

CVE-2024-47051 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2024-47051 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• php: Examine uploaded files for suspicious PHP code or backdoors. Use grep to search for common malicious patterns within the /mautic/files directory. • generic web: Monitor web server access logs for unusual file upload activity, particularly requests containing executable file extensions. • linux / server: Use lsof to identify processes accessing uploaded files. Investigate any unexpected PHP processes.

lsof | grep /mautic/files

Mautic permite Execução de Código Remoto e Exclusão de Arquivos em Uploads de Ativos

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigir

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2024-47051 — RCE in Mautic Core?

Am I affected by CVE-2024-47051 in Mautic Core?

How do I fix CVE-2024-47051 in Mautic Core?

Is CVE-2024-47051 being actively exploited?

Where can I find the official Mautic advisory for CVE-2024-47051?

Informações do pacote

Seu projeto está afetado?