CVE-2024-57785
Published: 16 January 2025
Summary
CVE-2024-57785 is a medium-severity Use of Incorrectly-Resolved Name or Reference (CWE-706) vulnerability. Its CVSS base score is 4.9 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 4.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-3 (Access Enforcement).
Deeper analysis
Zenitel AlphaWeb XE version 11.2.3.10 contains a local file inclusion vulnerability in the amc_uploads.php component, tracked as CVE-2024-57785. The flaw is rated 4.9 under CVSS 3.1 with a vector of AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N and is associated with CWE-706, indicating improper handling of file paths that can expose sensitive local resources.
An authenticated administrator with network access can supply crafted input to the affected component and retrieve arbitrary files from the underlying system, resulting in disclosure of confidential data without affecting integrity or availability. The EPSS score has remained flat at 0.2058 with no observed rise after disclosure.
A public gist provides technical details on the issue, though no vendor advisory or patch information is referenced in available sources.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-53749
Vulnerability details
Zenitel AlphaWeb XE v11.2.3.10 was discovered to contain a local file inclusion vulnerability via the component amc_uploads.php.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
LFI in public-facing web app directly enables T1190 exploitation and arbitrary local file reads for T1005 data collection.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly prevents local file inclusion by requiring validation of user-supplied file paths in the amc_uploads.php component to block path traversal attacks.
Enforces access control policies to restrict high-privilege users from reading sensitive local files even if inclusion is attempted.
Limits the assignment of high privileges required for exploitation, reducing the attack surface for this PR:H vulnerability.