Remote Code Execution Vulnerability in Laravel Pulse Monitoring Tool
CVE-2024-55661
What is CVE-2024-55661?
A vulnerability in Laravel Pulse prior to version 1.3.1 could enable remote code execution through the public remember() method in the Laravel\Pulse\Livewire\Concerns\RemembersQueries trait. This method is exposed via Livewire components, potentially permitting an authenticated user with access to the Laravel Pulse dashboard to execute arbitrary code. The vulnerability becomes critical when an attacker can exploit the remember(callable $query, string $key = '') method, allowing them to invoke any function or static method without restrictions on parameters. All Pulse card components utilizing this trait are affected. Version 1.3.1 addresses this vulnerability.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.