Remote Code Execution in 74cms Background Interface
CVE-2024-46089

Currently unrated

Key Information:

Vendor: 74cms
Status: 74cms
Vendor: CVE Published:; 18 April 2025

What is CVE-2024-46089?

The 74cms content management system, specifically versions up to 3.33, has a vulnerability that allows remote code execution through its background interface API. This flaw could enable an attacker to execute arbitrary commands on the server, leading to potential compromise of the system. Developers and administrators must promptly apply updated security measures to mitigate the risk associated with this vulnerability.

References

https://gitee.com/Q16G/laravel_bug/blob/master/74cms.md

https://github.com/Q16G/cve_detail/blob/main/74cms/unzipR...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 18, 2025