Remote Code Execution and File Deletion Vulnerabilities in Mautic by Mautic
CVE-2024-47051

9.1 CRITICAL

Key Information:

Vendor: Mautic
CVE Published: 26 February 2025

Badges

  • 📈 Score: 533
  • 👾 Exploit Exists
  • 🟡 Public PoC

What is CVE-2024-47051?

CVE-2024-47051 is a critical vulnerability in Mautic, a widely used open-source marketing automation platform. It is exploitable by authenticated users and consists of two parts: Remote Code Execution (RCE) through the asset upload feature, and file deletion through a path traversal issue. Because attackers could execute arbitrary code or delete sensitive files on the host system, organizations running Mautic may face severe operational disruption and potential data breaches.

Technical Details

The vulnerabilities manifest in Mautic versions prior to 5.2.3, where the asset upload functionality is insufficiently secured. The RCE vulnerability permits attackers to upload malicious executable files due to lax enforcement of file extension restrictions. Simultaneously, the path traversal vulnerability allows authenticated adversaries to manipulate file paths within the system, enabling them to delete arbitrary files, thus disrupting services and potentially causing data loss.
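The two defensive checks this paragraph implies, as an added example that is not taken from the advisory or from Mautic's code base (Mautic itself is PHP; Python is used here to show the logic). The allowlist contents and the function names are assumptions made for illustration.

```python
import os
from pathlib import Path

# Assumed allowlist for illustration; not Mautic's actual configuration.
ALLOWED_EXTENSIONS = {"pdf", "png", "jpg", "jpeg", "gif", "csv", "txt"}


def is_allowed_upload(filename: str) -> bool:
    """Allowlist check applied to every dot-separated suffix, case-insensitively."""
    name = os.path.basename(filename.replace("\\", "/"))
    # Reject embedded paths, NUL bytes, dotfiles and trailing dots/spaces.
    if name != filename or "\x00" in name or name != name.strip(". "):
        return False
    stem, *suffixes = name.lower().split(".")
    if not stem or not suffixes:
        return False
    # Strict by design: "report.php.pdf" fails because "php" is not allowed,
    # which also blocks handlers that act on an inner extension.
    return all(ext in ALLOWED_EXTENSIONS for ext in suffixes)


def resolve_inside(base_dir: str, user_path: str) -> Path:
    """Canonicalise user_path under base_dir; raise ValueError if it escapes."""
    base = Path(base_dir).resolve()
    # resolve() collapses ".." and follows symlinks before the comparison.
    target = (base / user_path).resolve()
    if base not in target.parents:
        raise ValueError(f"path escapes {base}: {user_path!r}")
    return target


def safe_delete(base_dir: str, user_path: str) -> bool:
    """Delete a regular file only when it resolves inside base_dir."""
    target = resolve_inside(base_dir, user_path)
    if not target.is_file():
        return False
    target.unlink()
    return True
```

The extension check is only one layer: the upload directory should also be configured so the web server never executes files stored in it.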

Potential Impact of CVE-2024-47051

  1. Unauthorized Remote Code Execution: The exploitation of the RCE vulnerability could lead to an attacker executing malicious scripts on the server. This not only jeopardizes the integrity of the Mautic instance but can also lead to a broader compromise of connected systems.

  2. Data Integrity and Availability Risks: The path traversal vulnerability enables authenticated users to delete crucial files, which can disrupt service availability and result in significant data loss, impacting marketing campaigns and overall business operations.

  3. Increased Attack Surface: The presence of these vulnerabilities heightens the risk of further attacks, as malicious actors may employ these entry points to gain deeper access into organizational networks, possibly leading to secondary attacks, including broader data breaches or ransomware deployment.

Affected Version(s)

mautic/core < 5.2.3

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

CVSS V3.1

Score: 9.1
Severity: CRITICAL
Confidentiality: High
Integrity: Low
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

mallo-m
Patryk Gruzska
Lenon Leite