{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-58279", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-12-10T14:35:24.454Z", "datePublished": "2025-12-10T21:12:47.259Z", "dateUpdated": "2025-12-11T18:51:57.014Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "appRain CMF", "vendor": "apprain", "versions": [{"status": "affected", "version": "4.0.5"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Ahmet \u00dcmit BAYRAM"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by uploading a crafted PHP file to the site's uploads directory.</p>"}], "value": "appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by uploading a crafted PHP file to the site's uploads directory."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.6, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-12-10T21:12:47.259Z"}, "references": [{"name": "ExploitDB-52041", "tags": ["exploit"], "url": "https://www.exploit-db.com/exploits/52041"}, {"name": "Official Vendor Homepage", "tags": ["vendor-advisory", "product"], "url": "https://www.apprain.org"}, {"name": "Software Link", "tags": ["product"], "url": "https://github.com/apprain/apprain/archive/refs/tags/v4.0.5.zip"}, {"name": "VulnCheck Advisory: appRain CMF 4.0.5 Authenticated Remote Code Execution via Filemanager Upload", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/apprain-cmf-authenticated-remote-code-execution-via-filemanager-upload"}], "source": {"discovery": "UNKNOWN"}, "title": "appRain CMF 4.0.5 Authenticated Remote Code Execution via Filemanager Upload", "x_generator": {"engine": "vulncheck"}}, "adp": [{"references": [{"url": "https://github.com/apprain/apprain/archive/refs/tags/v4.0.5.zip", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-11T15:50:56.092282Z", "id": "CVE-2024-58279", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-11T18:51:57.014Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-58279", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-12-11T15:50:56.092282Z"}}}], "references": [{"url": "https://github.com/apprain/apprain/archive/refs/tags/v4.0.5.zip", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-11T15:51:06.685Z"}}], "cna": {"title": "appRain CMF 4.0.5 Authenticated Remote Code Execution via Filemanager Upload", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Ahmet \u00dcmit BAYRAM"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.6, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "apprain", "product": "appRain CMF", "versions": [{"status": "affected", "version": "4.0.5"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.exploit-db.com/exploits/52041", "name": "ExploitDB-52041", "tags": ["exploit"]}, {"url": "https://www.apprain.org", "name": "Official Vendor Homepage", "tags": ["vendor-advisory", "product"]}, {"url": "https://github.com/apprain/apprain/archive/refs/tags/v4.0.5.zip", "name": "Software Link", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/apprain-cmf-authenticated-remote-code-execution-via-filemanager-upload", "name": "VulnCheck Advisory: appRain CMF 4.0.5 Authenticated Remote Code Execution via Filemanager Upload", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by uploading a crafted PHP file to the site's uploads directory.", "supportingMedia": [{"type": "text/html", "value": "<p>appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by uploading a crafted PHP file to the site's uploads directory.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-12-10T21:12:47.259Z"}}}, "cveMetadata": {"cveId": "CVE-2024-58279", "state": "PUBLISHED", "dateUpdated": "2025-12-11T18:51:57.014Z", "dateReserved": "2025-12-10T14:35:24.454Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2025-12-10T21:12:47.259Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apprain:apprain:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "C45A573A-FE6F-4BD2-ACFD-6F5D673F2B11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by uploading a crafted PHP file to the site's uploads directory."}], "id": "CVE-2024-58279", "lastModified": "2025-12-19T17:53:02.477", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2025-12-10T22:16:19.543", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://github.com/apprain/apprain/archive/refs/tags/v4.0.5.zip"}, {"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://www.apprain.org"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.exploit-db.com/exploits/52041"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/apprain-cmf-authenticated-remote-code-execution-via-filemanager-upload"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Product"], "url": "https://github.com/apprain/apprain/archive/refs/tags/v4.0.5.zip"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{"created": "2025-12-11T16:20:08.334216+00:00", "updated": "2025-12-11T16:20:08.334277+00:00", "vendors": ["apprain", "apprain$PRODUCT$apprain"]}