CVE-2024-34448
Published: 22 May 2024
Summary
CVE-2024-34448 is a high-severity Injection (CWE-74) vulnerability in Ghost. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); it is ranked at the 43.1st percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-1862
Vulnerability details
Ghost before 5.82.0 allows CSV Injection during a member CSV export.
- CWE(s): CWE-74 (Injection)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CSV injection vulnerability in Ghost's member CSV export feature allows attackers to embed malicious formulas (e.g., shell commands) in exported files, which execute code when opened in spreadsheet applications like Excel, facilitating T1204.002 (User Execution: Malicious File).
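The neutralization an exporter needs is small: any cell that starts with a spreadsheet formula trigger (`=`, `+`, `-`, `@`, tab, carriage return) is prefixed with a single quote so the spreadsheet reads it as text, and fields are quoted per RFC 4180. The following is an added example written for this page, not Ghost's own export code; the member record and the `=1+1` payload are constructed sample data.

```javascript
// Added example (not Ghost's code): neutralize spreadsheet formula triggers
// in a CSV export, the class of defect described by CVE-2024-34448.
const FORMULA_TRIGGERS = new Set(['=', '+', '-', '@', '\t', '\r']);

// True when the cell text would be evaluated as a formula by common
// spreadsheet applications. Plain signed numbers ("-5", "+3.5") are
// exempted so numeric columns stay numeric after import.
function isFormulaLike(value) {
  if (value.length === 0 || !FORMULA_TRIGGERS.has(value[0])) return false;
  return !/^[-+]?\d+(\.\d+)?$/.test(value);
}

// Produce one RFC 4180 CSV field. Formula-like values get a leading
// single quote; any field containing a quote, comma or line break is
// wrapped in double quotes with embedded quotes doubled.
function toCsvField(raw) {
  let value = raw === null || raw === undefined ? '' : String(raw);
  if (isFormulaLike(value)) {
    value = `'${value}`;
  }
  if (/[",\r\n]/.test(value)) {
    value = `"${value.replace(/"/g, '""')}"`;
  }
  return value;
}

// Serialise a header row plus data rows (arrays of cells) into CSV text.
function toCsv(header, rows) {
  return [header, ...rows]
    .map((row) => row.map(toCsvField).join(','))
    .join('\r\n') + '\r\n';
}

// Constructed sample: the "name" field is member-supplied (self-service
// signup), so it is the cell an exporter must treat as untrusted.
const SAMPLE_HEADER = ['email', 'name', 'note'];
const SAMPLE_ROWS = [
  ['alice@example.com', 'Alice', 'regular member'],
  ['mallory@example.com', '=1+1', 'comment, with comma'],
];

console.log(toCsv(SAMPLE_HEADER, SAMPLE_ROWS));
```

The second data line of the output reads `mallory@example.com,'=1+1,"comment, with comma"`; the leading quote keeps the cell inert when the file is opened in a spreadsheet.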
Affected Assets
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Developer assessments and testing (including injection-focused techniques) identify improper neutralization of special elements, and verifiable flaw remediation corrects them before deployment.
- Anomaly and attack monitoring identifies indicators of injection attacks (command, SQL, LDAP, etc.).