Cyber Resilience

CVE-2024-53615

Medium

Published: 30 January 2025

Modified: 15 April 2026
CVSS Score (v3.1): 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
EPSS Score: 0.2094 (95.8th percentile)
Risk Priority: 26 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-53615 is a medium-severity Command Injection (CWE-77) vulnerability. Its CVSS base score is 6.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 4.2% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2024-53615 is a command injection vulnerability, tracked under CWE-77, that resides in the video thumbnail rendering component of Karl Ward's files.gallery versions 0.3.0 through 0.11.0. The issue permits remote attackers to supply a crafted video file that triggers arbitrary command execution during thumbnail processing.

Unauthenticated attackers with network access can exploit the flaw without user interaction, achieving limited effects on confidentiality and integrity while leaving availability unaffected, consistent with the CVSS 6.5 rating.

The single reference URL leads to a GitHub repository that documents the vulnerability but contains no explicit mitigation or patch details. The associated EPSS score has remained flat at its peak value of 0.2094 with no material upward trajectory observed after disclosure.

Vulnerability details

A command injection vulnerability in the video thumbnail rendering component of Karl Ward's files.gallery v0.3.0 through 0.11.0 allows remote attackers to execute arbitrary code via a crafted video file.

CWE(s)

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

Related Threats

MITRE ATT&CK Enterprise Techniques (AI mapping)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1059 Command and Scripting Interpreter (Execution): Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.

Why these techniques?

Command injection in a public-facing web application enables unauthenticated remote code execution via a crafted video upload that is processed during thumbnail generation. This maps directly to exploitation of public-facing applications (T1190) and to command execution through an interpreter (T1059).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-67397 (shared CWE-77)
CVE-2024-55030 (shared CWE-77)
CVE-2025-24818 (shared CWE-77)
CVE-2025-9223 (shared CWE-77)
CVE-2026-8431 (shared CWE-77)
CVE-2026-44869 (shared CWE-77)
CVE-2025-70093 (shared CWE-77)
CVE-2025-0593 (shared CWE-77)
CVE-2026-34259 (shared CWE-77)
CVE-2026-44866 (shared CWE-77)

Mitigating Controls (NIST 800-53 r5, AI mapping)

SI-10 Information Input Validation (prevent): Validates uploaded video files to prevent command injection during thumbnail rendering by ensuring inputs conform to expected formats and structures.

SI-2 Flaw Remediation (prevent): Remediates the specific command injection flaw in files.gallery v0.3.0 through 0.11.0 through timely patching or version upgrades as flaws are identified.

Malicious code scanning (prevent, detect): Scans uploaded video files for malicious content at entry points to detect and block crafted files that enable arbitrary command execution.