File Upload Vulnerability in Advantive VeraCore Software
CVE-2024-57968
Key Information:
Badges
What is CVE-2024-57968?
CVE-2024-57968 is a file upload vulnerability found in Advantive VeraCore software, a product designed for managing business operations in various industries, including inventory and order management. This vulnerability enables remote authenticated users to upload files into unintended directories, which can be accessed by other users during web browsing. Consequently, this flaw poses serious risks to organizations, as it could lead to unauthorized data access or degradation of application integrity.
Technical Details
The vulnerability exists in versions of Advantive VeraCore prior to 2024.4.2.1 and is exploited through the upload.aspx page. This flaw allows authenticated users to manipulate the file upload functionality, potentially leading to files being placed in unsecured areas of the server. Such misconfigurations can expose sensitive data or enable further exploits.
Potential Impact of CVE-2024-57968
-
Unauthorized Data Access: Attackers could leverage this vulnerability to upload malicious files to publicly accessible directories, making sensitive data vulnerable to exposure or theft.
-
Compromise of System Integrity: The ability to upload files without proper restrictions can allow attackers to inject malware or manipulate existing files, leading to system exploitation or additional attack vectors.
-
Increased Attack Surface: By exploiting this vulnerability, threat actors could gain entry into the network environment, potentially compromising other systems and escalating their attacks within an organization.
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace as recent news articles suggest the vulnerability is being used by ransomware groups.
The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
VeraCore 0 < 2024.4.2.1
Get notified when SecurityVulnerability.io launches alerting π
Well keep you posted π§
News Articles
The Hacker NewsCVE-2024-57968XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells
XE Group exploits a VeraCore zero-day (CVE-2024-57968) to deploy web shells, enabling persistent access and targeting supply chains in manufacturing a
Help Net SecurityCybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968) - Help Net Security
Cybercriminal outfit XE Group has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software.
References
EPSS Score
11% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- π¦
CISA Reported
- π
Vulnerability started trending
- π°
Used in Ransomware
- πΎ
Exploit known to exist
- π°
First article discovered by Help Net Security
Vulnerability published
Vulnerability Reserved