CVE-2024-55371

Wallos <= 2.38.2 has a file upload vulnerability in the restore backup function, which allows authenticated users to restore backups by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an authenticated attacker (being an administrator is not required) to upload malicious files to the server. Once a web shell is installed, the attacker gains the ability to execute arbitrary commands.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.datafarm.co.th/blog/CVE-2024-55371-and-CVE-2024-55372-Malicious-File-Upload-to-RCE-in-Wallos-Application	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wallosapp:wallos:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-04-16 21:15

Updated : 2025-06-03 15:00

NVD link : CVE-2024-55371

Mitre link : CVE-2024-55371

CVE.ORG link : CVE-2024-55371

JSON object : View

Products Affected

wallosapp

wallos

CWE

CWE-73

External Control of File Name or Path

{"id": "CVE-2024-55371", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-04-16T21:15:45.790", "references": [{"url": "https://www.datafarm.co.th/blog/CVE-2024-55371-and-CVE-2024-55372-Malicious-File-Upload-to-RCE-in-Wallos-Application", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-73"}]}], "descriptions": [{"lang": "en", "value": "Wallos <= 2.38.2 has a file upload vulnerability in the restore backup function, which allows authenticated users to restore backups by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an authenticated attacker (being an administrator is not required) to upload malicious files to the server. Once a web shell is installed, the attacker gains the ability to execute arbitrary commands."}, {"lang": "es", "value": "Wallos <= 2.38.2 presenta una vulnerabilidad de carga de archivos en la funci\u00f3n de restauraci\u00f3n de copias de seguridad. Esta vulnerabilidad permite a los usuarios autenticados restaurar copias de seguridad subiendo un archivo ZIP. El contenido del archivo ZIP se extrae en el servidor. Esta funcionalidad permite a un atacante autenticado (no es necesario ser administrador) subir archivos maliciosos al servidor. Una vez instalado un shell web, el atacante puede ejecutar comandos arbitrarios."}], "lastModified": "2025-06-03T15:00:13.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wallosapp:wallos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EACD600-8B84-434C-96AF-BB36B3E56BB8", "versionEndIncluding": "2.38.2"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}