CVE-2024-47051
Published: 26 February 2025
Summary
CVE-2024-47051 is a critical-severity Relative Path Traversal (CWE-23) vulnerability in Acquia Mautic. Its CVSS base score is 9.1 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 21.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-47051 covers two critical vulnerabilities in Mautic versions before 5.2.3. The first is a Remote Code Execution (RCE) flaw in the asset upload functionality, stemming from insufficient enforcement of allowed file extensions (CWE-94), which permits attackers to bypass restrictions and upload executable files such as PHP scripts. The second is a Path Traversal vulnerability (CWE-23) in the upload validation process, caused by improper handling of path components, enabling manipulation of the file deletion process.
These issues require low-privilege authenticated access (PR:L) and can be exploited remotely (AV:N) with low complexity (AC:L), no user interaction (UI:N), and scope change (S:C), earning a CVSS v3.1 score of 9.1 (C:H/I:L/A:L). Authenticated attackers could achieve RCE by uploading and executing malicious scripts, potentially compromising confidentiality, or delete arbitrary files via path traversal, disrupting integrity and availability on the host system.
The primary advisory at https://github.com/mautic/mautic/security/advisories/GHSA-73gx-x7r9-77x2 details these vulnerabilities, with mitigation achieved by upgrading to Mautic 5.2.3 or later, which enforces proper file extension checks and path handling in upload and deletion processes. Additional context on attack vectors is available in OWASP resources on Code Injection and Path Traversal.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-2855
Vulnerability details
This advisory addresses two critical security vulnerabilities present in Mautic versions before 5.2.3. These vulnerabilities could be exploited by authenticated users. * Remote Code Execution (RCE) via Asset Upload: A Remote Code Execution vulnerability has been identified in the asset…
more
upload functionality. Insufficient enforcement of allowed file extensions allows an attacker to bypass restrictions and upload executable files, such as PHP scripts. * Path Traversal File Deletion: A Path Traversal vulnerability exists in the upload validation process. Due to improper handling of path components, an authenticated user can manipulate the file deletion process to delete arbitrary files on the host system.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
RCE via malicious file upload to web app directly enables T1190 (exploiting public-facing application) and T1505.003 (web shell deployment/execution).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly mitigates both vulnerabilities by requiring validation of uploaded file extensions and path components to block executable uploads and arbitrary file deletions.
Addresses the flaws comprehensively by mandating timely identification, testing, and installation of patches such as upgrading to Mautic 5.2.3.
Restricts insertion of harmful inputs like executable file extensions and path traversal sequences into the upload and deletion processes.