Cyber Resilience

CVE-2024-50848

Severity: Medium
Published: 18 November 2024
Modified: 20 October 2025
KEV Added: not listed
Patch: none recorded
CVSS Score v3.1: 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
EPSS Score: 0.0785 (92.2nd percentile)
Risk Priority: 18 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-50848 is a medium-severity Improper Restriction of XML External Entity Reference (CWE-611) vulnerability in RWS WorldServer. Its CVSS v3.1 base score is 6.5 (Medium).

Operationally, exploitation maps to the MITRE ATT&CK techniques File and Directory Discovery (T1083) and Command and Scripting Interpreter (T1059). Its EPSS score places it in the top 7.8% of CVEs by predicted exploit likelihood, and it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2024-50848 is an XML External Entity (XXE) injection, tracked as CWE-611, in the Import object and Translation Memory import functions of RWS WorldServer 11.8.2. A .tmx (Translation Memory eXchange) file is plain XML, and the importer's parser processes external entities declared in the file's DOCTYPE, so a crafted .tmx can make the server read files it has access to and return their contents through the import. The NVD description also states that the flaw can be used to execute arbitrary commands, but the CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N, score 6.5) scores only a high confidentiality impact with no integrity or availability impact; treat the file-read path as the established impact and the command-execution claim as not reflected in the scoring.

The attacker needs no privileges on WorldServer (PR:N), but user interaction is required (UI:R): a legitimate user with import rights has to import the crafted .tmx, so the realistic delivery path is a translation memory received from an outside party and imported without inspection. The result is disclosure of server-side data (C:H) while integrity and availability are unaffected.
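As an added example that is not part of this entry or of WorldServer's code, the following Python script shows the check an importer of .tmx files should apply before and during parsing. It uses the standard library's expat bindings; the two TMX samples are constructed for the demonstration (the crafted one carries only the generic DOCTYPE/ENTITY shape that any XXE payload needs, not the PoC for this CVE), and the function names, the file content and the import logic are assumptions for the demo. `scan_tmx` reports every DTD construct a file declares or references without resolving any of them, which is useful for triaging a suspicious memory after the fact; `import_tmx` is the hardened path, refusing any DOCTYPE inside the parser itself and only then extracting segments.

```python
"""Pre-import guard for TMX translation memories (constructed example, not WorldServer code).

TMX is plain XML, so the DOCTYPE/ENTITY machinery behind XXE can ride in on a
translation memory.  A TMX file never legitimately needs a DOCTYPE, which makes
"refuse any DOCTYPE" a precise rule rather than a heuristic.
"""
import xml.parsers.expat as expat


class UnsafeTmx(ValueError):
    """The TMX file carries XML constructs an importer should never accept."""


# Constructed sample: a two-language memory as a translator would export it.
BENIGN_TMX = b"""<?xml version="1.0" encoding="UTF-8"?>
<tmx version="1.4"><header srclang="en" segtype="sentence"/><body>
  <tu><tuv xml:lang="en"><seg>Hello</seg></tuv><tuv xml:lang="de"><seg>Hallo</seg></tuv></tu>
</body></tmx>"""

# Constructed sample: the same memory with the generic XXE shape, an external entity
# pointing at a server-side file and referenced from a segment, so that a parser
# which resolves it copies the file into the imported memory.
CRAFTED_TMX = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE tmx [
  <!ENTITY xxe SYSTEM "file:///etc/passwd">
]>
<tmx version="1.4"><header srclang="en" segtype="sentence"/><body>
  <tu><tuv xml:lang="en"><seg>&xxe;</seg></tuv><tuv xml:lang="de"><seg>Hallo</seg></tuv></tu>
</body></tmx>"""


def scan_tmx(data: bytes) -> list:
    """Triage pass: list every DTD construct in the file without resolving any.

    expat never fetches external entities on its own; these handlers only record
    what the document declares and references.  An empty list means no DTD at all.
    """
    findings = []

    def doctype(name, sysid, pubid, has_internal_subset):
        note = f"DOCTYPE '{name}' declared"
        if sysid:
            note += f", external subset SYSTEM '{sysid}'"
        findings.append(note)

    def entity_decl(name, is_param, value, base, sysid, pubid, notation):
        if sysid:
            findings.append(f"external entity '{name}' -> SYSTEM '{sysid}'")
        elif is_param:
            findings.append(f"parameter entity '%{name};' declared")
        else:
            findings.append(f"internal entity '{name}' declared ({len(value)} chars)")

    def external_ref(context, base, sysid, pubid):
        findings.append(f"external entity referenced in content: SYSTEM '{sysid}'")
        return 1  # report as handled so parsing continues; nothing is fetched

    p = expat.ParserCreate()
    p.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)
    p.StartDoctypeDeclHandler = doctype
    p.EntityDeclHandler = entity_decl
    p.ExternalEntityRefHandler = external_ref
    p.Parse(data, True)
    return findings


def import_tmx(data: bytes) -> list:
    """Hardened import: refuse any DOCTYPE inside the parser, then return (lang, text) segments.

    Putting the refusal in the parser itself (not only in a pre-scan) means a file
    cannot pass a separate check and then be parsed differently on import.
    """
    def doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeTmx(f"TMX import does not accept a DOCTYPE (found '{name}')")

    segments, state = [], {"lang": "", "in_seg": False, "buf": []}

    def start(name, attrs):
        if name == "tuv":
            state["lang"] = attrs.get("xml:lang", "")
        elif name == "seg":
            state["in_seg"], state["buf"] = True, []

    def end(name):
        if name == "seg":
            segments.append((state["lang"], "".join(state["buf"])))
            state["in_seg"] = False

    def chars(text):
        if state["in_seg"]:
            state["buf"].append(text)  # character data may arrive in several chunks

    p = expat.ParserCreate()
    p.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)
    p.StartDoctypeDeclHandler = doctype
    p.StartElementHandler = start
    p.EndElementHandler = end
    p.CharacterDataHandler = chars
    p.Parse(data, True)
    return segments


if __name__ == "__main__":
    print("benign:", import_tmx(BENIGN_TMX))
    for finding in scan_tmx(CRAFTED_TMX):
        print("crafted:", finding)
    try:
        import_tmx(CRAFTED_TMX)
    except UnsafeTmx as exc:
        print("rejected:", exc)
```

WorldServer itself is a Java application, so the equivalent fix in its stack is the one the OWASP XXE guidance gives for JAXP parsers: set the `http://apache.org/xml/features/disallow-doctype-decl` feature to true on the `DocumentBuilderFactory` or `SAXParserFactory` that handles the .tmx, which rejects the DOCTYPE in the same way `import_tmx` does here.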

Public references consist of proof-of-concept repositories demonstrating the attack and the vendor product page for WorldServer; no official advisory or patch details appear in the available sources. The EPSS score has stayed below 0.1 in absolute terms (peak 0.0910, currently 0.0785), but that still places the CVE in the 92nd percentile, so the availability of public proof-of-concept code is already reflected in the score.

Vulnerability details

An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import functionalities of WorldServer v11.8.2 allows attackers to access sensitive information and execute arbitrary commands by supplying a crafted .tmx file.

CWE(s)

CWE-611 Improper Restriction of XML External Entity Reference

Related Threats

MITRE ATT&CK Enterprise Techniques

T1083 File and Directory Discovery (Discovery)
Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system.

T1059 Command and Scripting Interpreter (Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Why these techniques?

Resolving the external entity in a crafted .tmx lets the attacker pull arbitrary files from the server's file system into the import output (T1083: File and Directory Discovery). The command-execution claim in the NVD description maps to T1059 (Command and Scripting Interpreter), although the CVSS vector scores no integrity impact.

Affected Assets

rws / worldserver / 11.8.2 (RWS WorldServer 11.8.2)

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-611
Penetration testing that includes XML external entity payloads, so XXE weaknesses in import paths are found and fixed before they are exploited.

addresses: CWE-611
Monitoring for XML external entity processing: unusual file or network access, or unusual resource usage, by the service that parses imported files.

Neither control replaces the direct fix for CWE-611, which is to disable DTD and external entity processing in the XML parser that handles .tmx imports.