Cyber Posture

CVE-2024-13189

HighPublic PoC

Published: 08 January 2025

Published
08 January 2025
Modified
28 May 2025
KEV Added
Patch
CVSS Score 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score 0.0008 24.4th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-13189 is a high-severity Incorrect Privilege Assignment (CWE-266) vulnerability in Zerowdd Myblog. Its CVSS base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 24.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

AC-3 Access Enforcement good match
prevent

Enforces approved authorizations for logical access, directly countering the permission bypass vulnerability in MyBlogMvcConfig.java.

SI-2 Flaw Remediation good match
preventdetect

Identifies, reports, and corrects the specific flaw causing permission issues (CWE-266, CWE-275), preventing remote exploitation of this CVE.

AC-6 Least Privilege partial match
prevent

Employs least privilege to limit unauthorized access enabled by incorrect privilege assignments in the vulnerable MVC configuration.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

Critical permission bypass in public-facing web application (ZeroWdd myblog MVC config) allows remote unauthenticated access to admin paths, enabling exploitation of public-facing application.

NVD Description

A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file src/main/java/com/wdd/myblog/config/MyBlogMvcConfig.java. The manipulation leads to permission issues. It is possible to initiate the attack remotely. The exploit has been disclosed…

more

to the public and may be used.

Deeper analysisAI

CVE-2024-13189 is a critical vulnerability in ZeroWdd myblog 1.0, affecting an unknown part of the file src/main/java/com/wdd/myblog/config/MyBlogMvcConfig.java. The issue stems from permission problems, mapped to CWE-266 and CWE-275, with a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). It was published on 2025-01-08.

The vulnerability enables remote exploitation by unauthenticated attackers (PR:N) over the network (AV:N) with low attack complexity (AC:L) and no user interaction (UI:N). Manipulation leads to permission issues, allowing limited impacts on confidentiality, integrity, and availability (C:L/I:L/A:L).

Details on the vulnerability, including the publicly disclosed exploit, are documented in GitHub issues at https://github.com/ZeroWdd/myblog/issues/1 and https://github.com/ZeroWdd/myblog/issues/1#issue-2759828006, as well as VulDB entries at https://vuldb.com/?ctiid.290781, https://vuldb.com/?id.290781, and https://vuldb.com/?submit.469223. No specific patch or mitigation details are provided in the available information.

Details

CWE(s)
CWE-266CWE-275NVD-CWE-noinfo

Affected Products

zerowdd
myblog
1.0

CVEs Like This One

CVE-2024-13191Same product: Zerowdd Myblog
CVE-2024-13133Same vendor: Zerowdd
CVE-2026-33519Shared CWE-266
CVE-2024-13134Same vendor: Zerowdd
CVE-2026-4617Shared CWE-266
CVE-2025-2218Shared CWE-266
CVE-2026-6105Shared CWE-266
CVE-2025-0206Shared CWE-266
CVE-2026-4194Shared CWE-266
CVE-2026-5569Shared CWE-266

References