CVE-2024-57450
Published: 03 February 2025
Summary
CVE-2024-57450 is a critical-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in 1000Mz Chestnutcms. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 43.8th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-10 directly and comprehensively mitigates unrestricted file uploads by validating the content, type, and structure of files submitted via the Create template function to block dangerous types.
SI-9 prevents exploitation by enforcing strict restrictions on file types, sizes, and other attributes allowable through the vulnerable Create template function.
AC-3 enforces access control policies on the Create template function, blocking unauthenticated remote attackers from uploading arbitrary files.
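The SI-10 and SI-9 controls above describe what an upload handler has to enforce: an allowlist of permitted types, a size cap, validation of the file body against the declared type, and rejection of names that smuggle a second extension or a path component. The following is an added, generic example written for this page; it is not ChestnutCMS code and says nothing about how the Create template function is implemented. The allowlist, size limit, sample inputs and the UploadDecision type are all constructed for illustration.

```python
import os
import re
import secrets
from dataclasses import dataclass

# Constructed allowlist (hypothetical): the handful of benign types an upload
# endpoint actually needs, each mapped to the magic-byte prefixes a genuine
# file of that type starts with. Anything not listed is rejected (SI-10).
ALLOWED_TYPES = {
    "png": [b"\x89PNG\r\n\x1a\n"],
    "jpg": [b"\xff\xd8\xff"],
    "jpeg": [b"\xff\xd8\xff"],
    "gif": [b"GIF87a", b"GIF89a"],
    "pdf": [b"%PDF-"],
}

MAX_SIZE = 5 * 1024 * 1024  # constructed 5 MiB cap (SI-9 style size restriction)


@dataclass
class UploadDecision:
    accepted: bool
    reason: str
    stored_name: str = ""  # server-chosen random name; the client name is never reused


def _extension(filename: str) -> str:
    """Return the single lowercase extension, or '' if the name is not a plain 'base.ext'."""
    base = os.path.basename(filename.replace("\\", "/"))
    if "\x00" in base or base != filename:
        return ""  # NUL bytes or path separators: not a plain file name
    parts = base.lower().split(".")
    if len(parts) != 2 or not parts[0]:
        return ""  # rejects 'shell.php.png', '.htaccess' and names without an extension
    return parts[1]


def validate_upload(filename: str, content: bytes) -> UploadDecision:
    """Apply allowlist, size and content checks; trust nothing supplied by the client."""
    if len(content) == 0 or len(content) > MAX_SIZE:
        return UploadDecision(False, "size out of bounds")
    ext = _extension(filename)
    if ext not in ALLOWED_TYPES:
        return UploadDecision(False, "extension not in allowlist")
    # The body must look like the type the extension claims, not just carry the extension.
    if not any(content.startswith(sig) for sig in ALLOWED_TYPES[ext]):
        return UploadDecision(False, "content does not match declared type")
    # Heuristic: a valid image header followed by server-side script markers is a
    # common polyglot pattern; reject rather than rely on the web server's handler mapping.
    if re.search(rb"<\?php|<script", content, re.IGNORECASE):
        return UploadDecision(False, "active content marker found in body")
    stored = f"{secrets.token_hex(16)}.{ext}"  # random name, same vetted extension
    return UploadDecision(True, "ok", stored)


# Constructed sample inputs (not real files): a minimal PNG header plus padding,
# and several of the ways an uploader tries to get script content past the check.
PNG_HEADER = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32
SAMPLES = {
    "logo.png": PNG_HEADER,
    "page.php": b"<?php echo 1; ?>",
    "page.php.png": PNG_HEADER,
    "disguised.png": b"<?php echo 1; ?>",
    "poly.png": PNG_HEADER + b"<?php echo 1; ?>",
    "../escape.png": PNG_HEADER,
    "empty.png": b"",
}


def check_samples() -> dict:
    """Run every constructed sample through the validator; returns name -> reason."""
    return {name: validate_upload(name, body).reason for name, body in SAMPLES.items()}


if __name__ == "__main__":
    for name, reason in check_samples().items():
        print(f"{name!r}: {reason}")
```

Only "logo.png" is accepted; every other sample is refused for a distinct reason, which is the property to verify when reviewing an upload endpoint. In production the accepted file should additionally be written under its random name to a directory outside the web root, with a non-executable handler mapping, so that even a file that slips through validation cannot be requested and executed.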
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Unrestricted file upload on a public-facing CMS directly enables remote exploitation (T1190) and web shell deployment (T1505.003) via arbitrary file ingress (T1105).
NVD Description
ChestnutCMS <=1.5.0 is vulnerable to File Upload via the Create template function.
Deeper analysis
CVE-2024-57450 is an unrestricted file upload vulnerability in ChestnutCMS versions up to and including 1.5.0, exploitable via the Create template function and mapped to CWE-434 (Unrestricted Upload of File with Dangerous Type). Published on 2025-02-03, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical due to its potential for severe impact across confidentiality, integrity, and availability.
The vulnerability enables exploitation by any remote, unauthenticated attacker over the network with low complexity and no user interaction required. Attackers can upload arbitrary files through the affected function, achieving high-impact compromise including unauthorized access to sensitive data, modification of system files, and disruption of services.
Mitigation guidance is available in the referenced advisory at https://locrian-lightning-dc7.notion.site/File-Upload-1628e5e2b1a2806a99b8faf140bd5e42.
Details
- CWE(s)