CVE-2024-48445
Published: 04 February 2025
Summary
CVE-2024-48445 is a critical-severity Improper Authentication (CWE-287) vulnerability in Packetstorm (inferred from references). Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 5.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2024-48445 is an improper authentication vulnerability in compop.ca ONLINE MALL version 3.5.3. The flaw permits remote code execution through the rid, tid, et, and ts parameters and carries a CVSS 3.1 score of 9.8.
A remote attacker with no credentials or user interaction can supply crafted values to these parameters, resulting in arbitrary code execution on the affected server and full compromise of confidentiality, integrity, and availability.
The two provided references point to the same Packet Storm entry that appears to contain exploit material, but neither reference nor the CVE record itself supplies patch, mitigation, or workaround guidance. The associated EPSS score has remained flat at 0.1555 with no indicated rise after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-43257
Vulnerability details
An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via the rid, tid, et, and ts parameters.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct RCE in unauthenticated public-facing web app maps to exploitation of public-facing application for initial access and code execution.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the specific flaw in compop.ca ONLINE MALL v3.5.3 enabling arbitrary code execution via manipulated parameters.
Validates inputs such as rid, tid, et, and ts parameters to block malicious data leading to remote code execution.
Enforces proper identification and authentication for non-organizational users, mitigating the improper authentication (CWE-287) that allows unauthenticated exploitation.