CVE-2024-21645
Published: 08 January 2024
Summary
CVE-2024-21645 is a medium-severity Injection (CWE-74) vulnerability in pyLoad (vendor: pyLoad). Its CVSS base score is 5.3 (Medium).
Operationally, it ranks in the top 1.3% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
pyLoad, the open-source Python download manager, contains a log injection vulnerability tracked as CVE-2024-21645. The flaw permits arbitrary messages to be written into the application's logs without authentication, enabling forged or corrupted log entries that could mask attacker activity or falsely implicate another party. It is rated CVSS 5.3 and is assigned CWE-74.
Any unauthenticated remote attacker can exploit the issue over the network to inject chosen content into pyLoad logs, achieving limited integrity impact without affecting confidentiality or availability.
The vulnerability was addressed in version 0.5.0b3.dev77, as detailed in the GitHub security advisory GHSA-ghmw-rwh8-6qmr and the associated commit 4159a1191ec4fe6d927e57a9c4bb8f54e16c381d.
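The class of bug described above (CWE-74, here in its log-injection form) comes down to writing a client-supplied string into a log record without neutralizing the characters that delimit records. The following is an added example, not code from the pyLoad project or the advisory: it uses Python's standard `logging` module and a hypothetical "login failed" message to show how a value containing a newline produces a second, forged-looking record, and how a `logging.Filter` that escapes control characters keeps every client-supplied value on one line. The input string, logger names and message format are constructed for the demonstration and do not reproduce pyLoad's real log format or endpoints.

```python
import logging
from io import StringIO

# Constructed sample input (hypothetical): a client-supplied field that embeds a
# newline followed by text shaped like a legitimate log record.
FORGED_INPUT = "alice\n2024-01-08 12:00:00 INFO login ok user=admin"


def escape_control_chars(value: str) -> str:
    """Return `value` with CR, LF and other C0/DEL control characters escaped.

    CR/LF become the visible sequences \\r and \\n, so a single client-supplied
    value can never terminate a record and start a new one. Other control
    characters (including ESC, used for terminal escape sequences) become \\xNN.
    """
    out = []
    for ch in str(value):
        code = ord(ch)
        if ch == "\n":
            out.append("\\n")
        elif ch == "\r":
            out.append("\\r")
        elif code < 0x20 or code == 0x7F:
            out.append(f"\\x{code:02x}")
        else:
            out.append(ch)
    return "".join(out)


class ControlCharFilter(logging.Filter):
    """Neutralize control characters in the fully rendered message.

    The filter runs before any handler sees the record, so it covers every
    handler attached to the logger. It renders msg % args first, then clears
    args so the handler's formatter does not try to format the message again.
    """

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = escape_control_chars(record.getMessage())
        record.args = ()
        return True


def render_log(client_value: str, sanitized: bool) -> list[str]:
    """Log one hypothetical 'login failed' event and return the resulting lines.

    With sanitized=False the client value is written as-is (the vulnerable
    pattern); with sanitized=True the ControlCharFilter is attached.
    """
    logger = logging.getLogger(f"demo.{'safe' if sanitized else 'raw'}")
    # Reset state so repeated calls in one process stay deterministic.
    logger.handlers.clear()
    logger.filters.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)

    buf = StringIO()
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(asctime)s %(levelname)s %(message)s"))
    if sanitized:
        logger.addFilter(ControlCharFilter())
    logger.addHandler(handler)

    logger.info("login failed user=%s", client_value)
    handler.flush()
    return buf.getvalue().splitlines()


def is_single_record(lines: list[str]) -> bool:
    """Check used by the demo: one log call must yield exactly one line."""
    return len(lines) == 1


if __name__ == "__main__":
    print("--- unsanitized (two lines from one log call) ---")
    for line in render_log(FORGED_INPUT, sanitized=False):
        print(line)
    print("--- sanitized (one line, newline rendered as \\n) ---")
    for line in render_log(FORGED_INPUT, sanitized=True):
        print(line)
```

Attaching the filter at the logger rather than at a single handler is deliberate: the point of the fix is that no code path can reach a log sink with an unescaped client value, and a filter on the logger is applied before any handler is invoked. Escaping at the sink also keeps the evidence: a forged line still appears in the log, but as a visible `\n` inside the original record, which is itself a useful detection signal for log-review tooling.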
The EPSS score peaked at 0.7349; its current value is 0.6910.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-0358
Vulnerability details
pyLoad is the free and open-source Download Manager written in pure Python. A log injection vulnerability was identified in `pyload` allowing any unauthenticated actor to inject arbitrary messages into the logs gathered by `pyload`. Forged or otherwise, corrupted log files can be used to cover an attacker's tracks or even to implicate another party in the commission of a malicious act. This vulnerability has been patched in version 0.5.0b3.dev77.
- CWE(s): CWE-74 (Injection)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping has not run yet for this CVE; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Developer assessments and testing (including injection-focused techniques) identify improper neutralization of special elements, and verifiable flaw remediation corrects them before deployment.
- Anomaly and attack monitoring identifies indicators of injection attacks (command, SQL, LDAP, etc.).