CVE-2024-57547
Published: 27 January 2025
Summary
CVE-2024-57547 is a high-severity Incorrect Permission Assignment for Critical Resource (CWE-732) vulnerability in CMSimple. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Services File Permissions Weakness (T1574.010). The CVE ranks in the top 41.6% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Enforces approved authorizations for logical access to system resources, directly preventing unauthorized remote access to sensitive PHP backup files via the insecure download functionality.
Mandates secure configuration settings including restrictive file permissions on PHP backup files to mitigate incorrect permission assignments.
Applies the principle of least privilege to critical resources like backup files, countering CWE-732 incorrect permission assignment exploited by unauthenticated attackers.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Insecure permissions on PHP backup file download functionality in public-facing CMSimple CMS enable remote unauthorized access to sensitive information, exploiting file system permissions weaknesses (T1044) and public-facing application vulnerabilities (T1190).
NVD Description
Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files.
Deeper analysis
CVE-2024-57547 is an insecure permissions vulnerability affecting CMSimple version 5.16. It enables a remote attacker to obtain sensitive information through a crafted script targeting the functionality for downloading PHP backup files. The issue is classified under CWE-732 (Incorrect Permission Assignment for Critical Resource) with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N): network-reachable, low attack complexity, no privileges or user interaction required, high confidentiality impact, and no impact on integrity or availability.
A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted script to the backup download functionality, allowing them to access and retrieve PHP backup files that may contain sensitive information from the CMSimple installation. No special privileges or user interaction are needed, making it accessible over the network with low complexity.
Advisories and research details are available in the provided references, including a GitHub Gist at https://gist.github.com/h4ckr4v3n/afbb87b5a05f283dbee705709c2769eb and a Markdown document on GitHub at https://github.com/h4ckr4v3n/cmsimple5.16_research/blob/main/CMSimple%205.16%20Remote%20Code%20Execution%20via%20backup%20file%20editing.md. Security practitioners should review these for exploitation details and potential mitigation steps, such as restricting backup file permissions or upgrading the software if patches become available.
Details
- CWE(s)