Remote Authenticated Users Can Conduct PHP Deserialization Attacks via ColumnOrder in a POST Request
CVE-2024-24725

Currently unrated

Key Information:

Vendor: Gibbon
Vendor: CVE Published:; 23 March 2024

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 77%

What is CVE-2024-24725?

Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/import_run.php&type=externalAssessment&step=4 URI.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Metasploit exploit module for CVE-2024-24725
Created by Rapid7

References

https://gibbonedu.org/download/

https://www.exploit-db.com/exploits/51903

EPSS Score

77% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Apr 1, 2024
👾
Exploit known to exist
Apr 1, 2024
Vulnerability published
Mar 23, 2024
Vulnerability Reserved
Jan 27, 2024