Cyber Posture

CVE-2024-57762

Severity: High · Public PoC available

Published: 15 January 2025

Modified: 10 April 2025
KEV Added:
Patch:
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0030 (53.3rd percentile)
Risk Priority: 15 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Description

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Security Summary

CVE-2024-57762 is a deserialization vulnerability (CWE-502) affecting MSFM (mysiteforme) versions prior to v2025.01.01. The issue arises in the handling of the pom.xml configuration file and allows improper deserialization of untrusted data.

The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating that an unauthenticated attacker can exploit it remotely with low complexity and no user interaction. Successful exploitation enables high-impact confidentiality violations, such as unauthorized access to sensitive data, without affecting integrity or availability.

Mitigation involves updating to MSFM v2025.01.01 or later, as indicated by the affected version range. Additional details are available in the advisory at https://gitee.com/wanglingxiao/mysiteforme/issues/IBFVAT.

Details

CWE(s): CWE-502

Affected Products

Vendor: wangl1989
Product: mysiteforme
Versions: ≤ 2025-01-01

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

A Shiro deserialization vulnerability in the MSFM web application enables remote code execution via a manipulated RememberMe cookie sent over HTTP to the public-facing endpoint (/index), exploiting a vulnerable Shiro version (<1.8.0) that uses a hardcoded key.

References