CVE-2024-57451
Published: 03 February 2025
Summary
CVE-2024-57451 is a high-severity Path Traversal (CWE-22) vulnerability in 1000Mz Chestnutcms. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 25.1% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) [AI]
Requires validation of user-supplied path inputs to the getFileList method to block directory traversal sequences like '../'.
Mandates enforcement mechanisms in the FileController to restrict access to only authorized directories, preventing unauthorized traversal.
Applies least privilege to the ChestnutCMS process, limiting its ability to read sensitive system directories even if path traversal succeeds.
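One way to implement the path validation and directory restriction these controls describe, as an added example that is not ChestnutCMS code or code from the referenced advisory; the class name SafeFileLister, its methods and the sample directory tree are hypothetical. It resolves the user-supplied path against a fixed root and rejects anything that lands outside it, both before and after symlink resolution.

```java
import java.io.IOException;
import java.nio.file.*;
import java.util.*;

// Hypothetical helper (not ChestnutCMS code): lists a directory only if it stays under one root.
public class SafeFileLister {
    private final Path root;

    public SafeFileLister(Path siteRoot) throws IOException {
        this.root = siteRoot.toRealPath(); // resolve symlinks once so prefix checks compare real paths
    }

    Path resolveInsideRoot(String userPath) throws IOException {
        // normalize() collapses "." and ".." lexically; an absolute input replaces the root entirely.
        Path candidate = root.resolve(userPath).normalize();
        if (!candidate.startsWith(root)) { // component-wise comparison, not a string prefix
            throw new SecurityException("path escapes root");
        }
        // toRealPath() follows symlinks, so a link inside the root that points outside is caught too.
        Path real = candidate.toRealPath();
        if (!real.startsWith(root)) {
            throw new SecurityException("path escapes root via symlink");
        }
        return real;
    }

    public List<String> list(String userPath) throws IOException {
        List<String> names = new ArrayList<>();
        try (DirectoryStream<Path> entries = Files.newDirectoryStream(resolveInsideRoot(userPath))) {
            for (Path entry : entries) {
                names.add(root.relativize(entry).toString()); // never return absolute server paths
            }
        }
        return names;
    }

    public static void main(String[] args) throws IOException {
        Path site = Files.createTempDirectory("site"); // constructed sample tree
        Files.createFile(Files.createDirectories(site.resolve("images")).resolve("logo.png"));
        SafeFileLister lister = new SafeFileLister(site);
        System.out.println("images -> " + lister.list("images"));
        for (String input : new String[] {"../", "images/../../..", "/etc"}) {
            try {
                System.out.println(input + " -> " + lister.list(input));
            } catch (SecurityException e) {
                System.out.println(input + " -> rejected: " + e.getMessage());
            }
        }
    }
}
```

The check fails closed: a null or malformed input raises an exception before any directory is opened, and a request for a path that does not exist raises NoSuchFileException rather than revealing anything about the filesystem outside the root.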
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
Directory traversal in a public-facing CMS directly enables T1190 exploitation for unauthenticated remote file and directory access, facilitating T1083 discovery and T1005 data collection from the local system.
NVD Description
ChestnutCMS <=1.5.0 has a directory traversal vulnerability in contentcore.controller.FileController#getFileList, which allows attackers to view any directory.
Deeper analysis [AI]
CVE-2024-57451 is a directory traversal vulnerability affecting ChestnutCMS versions up to and including 1.5.0. The flaw resides in the contentcore.controller.FileController#getFileList method, enabling attackers to bypass path restrictions and access arbitrary directories on the server. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), classified as High severity and mapped to CWE-22 (Improper Limitation of a Pathname to a Restricted Directory). The vulnerability was published on 2025-02-03.
Unauthenticated remote attackers can exploit this vulnerability over the network with low attack complexity and no user interaction required. Exploitation allows viewing the contents of any directory on the affected system, resulting in high confidentiality impact by exposing potentially sensitive files, while integrity and availability remain unaffected.
Mitigation details are available in the referenced advisory at https://locrian-lightning-dc7.notion.site/Directory-traversal-1628e5e2b1a280fdb463c2235acc7f75.
Details
- CWE(s)