|
|
|||
| Rule General Information |
|---|
| Release Date: | 2025-05-20 | |
| Rule Name: | ProjectSend options.php Authentication Bypass Vulnerability (CVE-2024-11680) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript. | |
| Impact: | An unauthorized remote attacker can bypass authentication and gain access to the application with specially crafted requests. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/projectsend-auth-bypass.yaml https://github.com/projectsend/projectsend/commit/193367d937b1a59ed5b68dd4e60bd53317473744 https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/projectsend_unauth_rce.rb https://vulncheck.com/advisories/projectsend-bypass |
|
| Solutions |
|---|
| Please refer to announcements or patches release by the vendor: https://github.com/projectsend/projectsend/releases/tag/r1720 |