Ignoring Arguments for Environment Detection

CVE-2024-52301

Currently unrated 🀨

Key Information

Vendor
Laravel
Status
Framework
Vendor
CVE Published:
12 November 2024

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoCπŸ“° News Worthy

Summary

CVE-2024-52301 is a critical vulnerability in the Laravel web application framework that allows attackers to change the environment used by the framework when handling requests. This can lead to unauthorized access, privilege escalation, data tampering, and potential further system compromise. The vulnerability affects multiple versions of Laravel, and developers and system administrators are strongly urged to update their installations immediately. Exploitation of this vulnerability could have severe consequences, so it is essential to stay vigilant and adhere to security best practices.

Affected Version(s)

framework < 6.20.45

framework < 7.0.0, 7.30.7

framework < 8.0.0, 8.83.28

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-52301-Research
Created by martinhaunschmid

CVE-2024-52301
Created by nanwinata

News Articles

favicon imageCyberSecurityNews

Critical Laravel Vulnerability Let Hackers Gain Unauthorized Access

A newly discovered critical vulnerability in the Laravel framework has sent shockwaves through the web development community.

1 month ago

References

https://github.com/laravel/framework/security/advisories/...
x_refsource_CONFIRM

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by CyberSecurityNews

  • Vulnerability published

Collectors

NVD DatabaseMitre Database2 Proof of Concept(s)1 News Article(s)
.