Cyber Posture

CVE-2024-53615

Severity: Medium

Published: 30 January 2025
Modified: 15 April 2026
KEV Added: not in CISA KEV
CVSS Score: 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
EPSS Score: 0.2094 (95.7th percentile)
Risk Priority: 26 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-53615 is a medium-severity Command Injection (CWE-77) vulnerability. Its CVSS base score is 6.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 4.3% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and one other technique (T1059, listed below). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

- SI-10 Information Input Validation (prevent): Validates uploaded video files before thumbnail rendering, ensuring inputs conform to expected formats and structures so that a crafted file cannot inject commands.
- SI-2 Flaw Remediation (prevent): Remediates the specific command injection flaw in files.gallery v0.3.0 through 0.11.0 through timely patching or version upgrades as flaws are identified.
- (prevent, detect): Scans uploaded video files for malicious content at entry points to detect and block crafted files that enable arbitrary command execution.
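As an added illustration of the input-validation control above (this is example code written for this page, not files.gallery's own code; the ffmpeg command line, the allowlist of container formats, the magic-byte signatures and the size limit are assumptions), the following Python routine checks an uploaded video's name, extension, size and leading bytes before handing it to the renderer, and then invokes the renderer with an argument list rather than a shell string, so that nothing in the file name reaches a shell:

```python
import re
import subprocess
import tempfile
from pathlib import Path

# Container formats the gallery is assumed to accept, with the (offset, bytes)
# signature that identifies each one. Constructed allowlist for this example.
ALLOWED = {
    ".mp4":  [(4, b"ftyp")],               # ISO BMFF 'ftyp' box at offset 4
    ".webm": [(0, b"\x1a\x45\xdf\xa3")],   # EBML header (Matroska/WebM)
    ".mkv":  [(0, b"\x1a\x45\xdf\xa3")],
}
# Names must start with an alphanumeric (no leading '-' or '.') and contain
# nothing a shell or an option parser could misread.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")
MAX_BYTES = 500 * 1024 * 1024  # assumed upload ceiling


def validate_upload(video: Path) -> str:
    """Check name, extension, size and magic bytes; return the extension or raise."""
    if not SAFE_NAME.fullmatch(video.name):
        raise ValueError(f"unsafe file name: {video.name!r}")
    ext = video.suffix.lower()
    if ext not in ALLOWED:
        raise ValueError(f"extension not allowed: {ext}")
    size = video.stat().st_size
    if size == 0 or size > MAX_BYTES:
        raise ValueError(f"unexpected size: {size}")
    with video.open("rb") as fh:
        head = fh.read(16)
    for offset, sig in ALLOWED[ext]:
        if head[offset:offset + len(sig)] != sig:
            raise ValueError("content does not match declared format")
    return ext


def thumbnail_argv(video: Path, thumb: Path) -> list[str]:
    """argv for ffmpeg (assumed renderer). Passed as a list, never a shell
    string, so metacharacters in a file name are inert; the name check above
    already rules out a leading '-' that an option parser could misread."""
    return ["ffmpeg", "-nostdin", "-y", "-i", str(video),
            "-frames:v", "1", "-vf", "scale=320:-1", str(thumb)]


def render_thumbnail(video: Path, thumb: Path, run=subprocess.run) -> list[str]:
    """Validate first, then invoke the renderer with shell=False and a timeout."""
    validate_upload(video)
    argv = thumbnail_argv(video, thumb)
    run(argv, check=True, timeout=30, stdin=subprocess.DEVNULL,
        stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    return argv


def demo() -> dict:
    """Exercise the checks on constructed files; a stub stands in for ffmpeg."""
    calls = []
    fake_run = lambda argv, **kw: calls.append(argv)
    root = Path(tempfile.mkdtemp())
    results = {}

    good = root / "clip.mp4"  # constructed: valid MP4 header, dummy body
    good.write_bytes(b"\x00\x00\x00\x18ftypisom" + b"\x00" * 24)
    render_thumbnail(good, root / "clip.jpg", run=fake_run)
    results["good"] = calls[-1][4]  # the -i argument is the plain path

    spoofed = root / "movie.webm"  # constructed: video extension, non-video bytes
    spoofed.write_bytes(b"<?php echo 1; ?>")
    try:
        render_thumbnail(spoofed, root / "movie.jpg", run=fake_run)
        results["spoofed"] = "accepted"
    except ValueError as err:
        results["spoofed"] = str(err)

    odd = root / "a;b.mp4"  # constructed: shell metacharacter in the name
    odd.write_bytes(b"\x00\x00\x00\x18ftypisom" + b"\x00" * 24)
    try:
        render_thumbnail(odd, root / "a.jpg", run=fake_run)
        results["odd_name"] = "accepted"
    except ValueError as err:
        results["odd_name"] = str(err)

    results["renderer_calls"] = len(calls)  # only the valid upload reached ffmpeg
    return results


if __name__ == "__main__":
    print(demo())
```

The two checks complement each other: the argument-list invocation removes the shell from the path entirely, and the format and name validation rejects files that do not look like what they claim to be before any renderer sees them, which also gives the scanning control a clean point at which to hook in.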

MITRE ATT&CK Enterprise Techniques

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1059 Command and Scripting Interpreter (Execution): Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

Why these techniques?

Command injection in a public-facing web application enables unauthenticated RCE via a crafted video upload during thumbnail processing, which maps directly to exploitation of public-facing applications and to command execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A command injection vulnerability in the video thumbnail rendering component of Karl Ward's files.gallery v0.3.0 through 0.11.0 allows remote attackers to execute arbitrary code via a crafted video file.

Deeper analysis

CVE-2024-53615 is a command injection vulnerability (CWE-77) in the video thumbnail rendering component of Karl Ward's files.gallery, affecting versions 0.3.0 through 0.11.0. It enables remote attackers to execute arbitrary code by uploading a specially crafted video file, which triggers malicious command execution during thumbnail generation.

The vulnerability has a CVSS v3.1 base score of 6.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N), indicating that it is exploitable over the network with low attack complexity and requires neither authentication nor user interaction. Unauthenticated remote attackers can target files.gallery instances that process uploaded videos, achieving limited impacts on confidentiality and integrity through arbitrary code execution, such as reading sensitive data or modifying files, without affecting availability.

Mitigation details are available in the advisory at https://github.com/beune/CVE-2024-53615.

Details

CWE(s): CWE-77 (Command Injection)

CVEs Like This One (shared CWE-77)

- CVE-2026-2333
- CVE-2024-55030
- CVE-2025-60801
- CVE-2025-24818
- CVE-2025-22630
- CVE-2025-52688
- CVE-2025-60021
- CVE-2025-59252
- CVE-2025-59272
- CVE-2025-70093