CVE-2024-50858
Published: 14 January 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2024-50858 is a Cross-Site Request Forgery (CSRF) vulnerability impacting multiple endpoints in GestioIP version 3.5.7, an IP address management tool. Published on 2025-01-14, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) and maps to CWE-352 (Cross-Site Request Forgery).
An unauthenticated attacker (PR:N) can exploit this by hosting a malicious URL and tricking an authenticated administrator into visiting it via their browser (UI:R). This enables the attacker to perform unauthorized actions on the victim's behalf, resulting in high-impact consequences such as data modification, deletion, or exfiltration over the network (AV:N) with low attack complexity (AC:L).
Mitigation guidance and additional details are available in vendor and community resources, including the official GestioIP site at http://www.gestioip.net, a CVE-specific repository at https://github.com/maxibelino/CVEs/tree/main/CVE-2024-50858, and a related Docker Compose setup at https://github.com/muebel/gestioip-docker-compose.
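The summary above describes the CSRF mechanism: a state-changing request is sent from the administrator's browser, carrying the admin's session cookie, without the admin intending it. The example below is added here to illustrate the standard defence (it is not GestioIP code and does not reflect how GestioIP's endpoints are implemented): a handler that trusts the session cookie alone accepts a forged request, while one that requires a same-origin Origin/Referer header and a per-session synchronizer token rejects it. The application origin, session layout, form fields and request values are constructed for the example.

```python
import hmac
import secrets

# Constructed for the example; not GestioIP's real hostname or session scheme.
APP_ORIGIN = "https://ipam.example.internal"


def issue_csrf_token(session: dict) -> str:
    """Mint a random per-session synchronizer token and keep it server-side.

    The token must be embedded in the application's own forms; a page on
    another origin cannot read it, so a forged request cannot supply it.
    """
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def is_state_changing(method: str) -> bool:
    """Only unsafe methods need CSRF protection; GET/HEAD must not change state."""
    return method.upper() not in ("GET", "HEAD", "OPTIONS")


def vulnerable_check(method: str, headers: dict, form: dict, session: dict) -> bool:
    """Cookie-only authorization: any request that rides on a logged-in
    session is accepted, which is exactly what a CSRF lure relies on."""
    return session.get("user") is not None


def hardened_check(method: str, headers: dict, form: dict, session: dict) -> tuple:
    """Return (allowed, reason).

    A state-changing request must (1) originate from the application's own
    origin, judged by the Origin header or, failing that, the Referer, and
    (2) carry the synchronizer token stored in the server-side session.
    """
    if session.get("user") is None:
        return False, "not authenticated"
    if not is_state_changing(method):
        return True, "safe method"

    # Origin carries no path; Referer carries a full URL under the origin.
    source = headers.get("Origin") or headers.get("Referer", "")
    if source != APP_ORIGIN and not source.startswith(APP_ORIGIN + "/"):
        return False, "cross-origin request"

    expected = session.get("csrf_token")
    supplied = form.get("csrf_token", "")
    # Constant-time comparison so token checks do not leak timing information.
    if not expected or not hmac.compare_digest(expected, supplied):
        return False, "missing or invalid csrf token"
    return True, "ok"


def demo() -> dict:
    """Run three constructed requests through both checks.

    Returns a dict mapping each scenario to (vulnerable_result, hardened_result).
    """
    session = {"user": "admin"}          # an authenticated admin session
    token = issue_csrf_token(session)

    # 1. Legitimate edit submitted from the application's own form.
    legit = ("POST", {"Origin": APP_ORIGIN},
             {"ip": "10.0.0.5", "csrf_token": token})
    # 2. Forged request auto-submitted from a lure page on another origin.
    forged = ("POST", {"Referer": "https://lure.example/page.html"},
              {"ip": "10.0.0.5"})
    # 3. Forged request that spoofs nothing but guesses the token.
    guessed = ("POST", {"Origin": APP_ORIGIN},
               {"ip": "10.0.0.5", "csrf_token": "not-the-real-token"})

    results = {}
    for name, (method, headers, form) in (("legit", legit), ("forged", forged),
                                          ("guessed", guessed)):
        results[name] = (vulnerable_check(method, headers, form, session),
                         hardened_check(method, headers, form, session)[0])
    return results


if __name__ == "__main__":
    for name, (vuln, hard) in demo().items():
        print(f"{name:8s} vulnerable={vuln!s:5s} hardened={hard}")
```

The cookie-only handler accepts all three requests; the hardened handler accepts only the first. Both checks are needed: the Origin/Referer check alone fails when a browser omits those headers, and the token check alone still benefits from the origin check as defence in depth.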
Details
- CWE(s): CWE-352 (Cross-Site Request Forgery)
Affected Products: GestioIP 3.5.7
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The CSRF vulnerability in GestioIP v3.5.7 enables exploitation of a public-facing web application, allowing attackers to perform unauthorized actions (data modification, deletion, exfiltration) via forged requests from an authenticated admin's browser.