Remote Code Execution and Privilege Escalation Vulnerability in SEMCMS v.4.8
CVE-2024-31012

Currently unrated

Key Information:

Vendor: SEMCMS
Status: Semcms
Vendor: CVE Published:; 3 April 2024

What is CVE-2024-31012?

A vulnerability in SEMCMS version 4.8 exposes the system to remote code execution, allowing attackers to execute arbitrary commands and escalate privileges. This security flaw arises from improper handling of the upload.php file, which can lead unauthorized users to access and manipulate sensitive information. Users of SEMCMS should take immediate action to mitigate potential risks associated with this vulnerability.

References

https://github.com/ss122-0ss/semcmsv4.8/blob/main/readme.md

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 3, 2024