CVE-2024-52301

Laravel is a web application framework. When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28, 9.52.17, 10.48.23, and 11.31.0. The framework now ignores argv values for environment detection on non-cli SAPIs.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/laravel/framework/security/advisories/GHSA-gv7v-rgg6-548h	Vendor Advisory
https://lists.debian.org/debian-lts-announce/2024/12/msg00019.html	Third Party Advisory Mailing List

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:laravel:framework::::::::
	cpe:2.3:a:laravel:framework::::::::
	cpe:2.3:a:laravel:framework::::::::
	cpe:2.3:a:laravel:framework::::::::
	cpe:2.3:a:laravel:framework::::::::
	cpe:2.3:a:laravel:framework::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-11-12 20:15

Updated : 2025-08-26 02:37

NVD link : CVE-2024-52301

Mitre link : CVE-2024-52301

CVE.ORG link : CVE-2024-52301

JSON object : View

Products Affected

laravel

framework

debian

debian_linux

CWE

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

{"id": "CVE-2024-52301", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2024-11-12T20:15:14.087", "references": [{"url": "https://github.com/laravel/framework/security/advisories/GHSA-gv7v-rgg6-548h", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00019.html", "tags": ["Third Party Advisory", "Mailing List"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-88"}]}], "descriptions": [{"lang": "en", "value": "Laravel is a web application framework. When the register_argc_argv php directive is set to on , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. The vulnerability fixed in 6.20.45, 7.30.7, 8.83.28, 9.52.17, 10.48.23, and 11.31.0. The framework now ignores argv values for environment detection on non-cli SAPIs."}, {"lang": "es", "value": "Laravel es un framework de aplicaciones web. Cuando la directiva de php register_argc_argv est\u00e1 establecida en on y los usuarios llaman a cualquier URL con una cadena de consulta especialmente manipulada, pueden cambiar el entorno que utiliza el framework al procesar la solicitud. La vulnerabilidad se corrigi\u00f3 en 6.20.45, 7.30.7, 8.83.28, 9.52.17, 10.48.23 y 11.31.0. El framework ahora ignora los valores argv para la detecci\u00f3n del entorno en SAPI que no son de CLI."}], "lastModified": "2025-08-26T02:37:14.610", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E4D3C77-8967-41A0-B092-AE27DA385578", "versionEndExcluding": "6.20.45"}, {"criteria": "cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "617A174E-7DE0-4145-BCE6-2A58CBBB6B21", "versionEndExcluding": "7.30.7", "versionStartIncluding": "7.0.0"}, {"criteria": "cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A506D04F-C9D9-4E37-B75F-29DA3943ECE0", "versionEndExcluding": "8.83.28", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB7F8265-5DF9-49A5-9D23-A459F16A948F", "versionEndExcluding": "9.52.17", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9575B7A1-E291-4EC2-8557-ABCCACEB8622", "versionEndExcluding": "10.48.23", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6346E858-7A00-4E7C-A3C2-8858C1D7C140", "versionEndExcluding": "11.31.0", "versionStartIncluding": "11.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}