CVE-2024-48445
Published: 04 February 2025
Description
An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via the rid, tid, et, and ts parameters.
Security Summary
CVE-2024-48445 is a critical vulnerability in compop.ca ONLINE MALL version 3.5.3 that enables arbitrary code execution. A remote attacker can exploit this issue by manipulating the rid, tid, et, and ts parameters, as detailed in the CVE description published on 2025-02-04. The flaw is associated with CWE-287 (Improper Authentication) and carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), reflecting a network attack vector, low attack complexity, and no required privileges or user interaction.
Any unauthenticated remote attacker can exploit this vulnerability without user interaction. Successful exploitation allows the attacker to execute arbitrary code on the targeted system, potentially leading to complete compromise with high impacts on confidentiality, integrity, and availability.
Advisories and further details, including potential patches or workarounds, are available in the referenced PacketStorm publication at https://packetstorm.news/files/id/188996/. Security practitioners should review this source for mitigation guidance specific to compop.ca ONLINE MALL v3.5.3.
Details
- CWE(s)