
Description

An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location on the server. By leveraging this vulnerability, an attacker could upload a specially crafted payload, potentially achieving remote code execution (RCE) on the server. Exploitation requires valid admin credentials, limiting its impact to authorized but potentially malicious users.

State: PUBLISHED | Reserved 2024-07-24 | Published 2025-06-02 | Updated 2025-06-02 | Assigner: WSO2

Severity: MEDIUM, 6.8 (CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Problem types

CWE-434 Unrestricted Upload of File with Dangerous Type

Product status

Default status: unaffected
Any version before 6.0.0: unknown
6.0.0 (custom) before 6.0.0.21: affected
6.1.0 (custom) before 6.1.0.38: affected
6.1.1 (custom) before 6.1.1.42: affected
6.2.0 (custom) before 6.2.0.61: affected
6.3.0 (custom) before 6.3.0.69: affected
6.4.0 (custom) before 6.4.0.96: affected
6.5.0 (custom) before 6.5.0.102: affected
6.6.0 (custom) before 6.6.0.198: affected

Default status: unaffected
Any version before 2.0.0: unknown
2.0.0 (custom) before 2.0.0.28: affected
2.1.0 (custom) before 2.1.0.38: affected
2.2.0 (custom) before 2.2.0.57: affected
2.5.0 (custom) before 2.5.0.83: affected
2.6.0 (custom) before 2.6.0.143: affected
3.0.0 (custom) before 3.0.0.162: affected
3.1.0 (custom) before 3.1.0.293: affected
3.2.0 (custom) before 3.2.0.384: affected
3.2.1 (custom) before 3.2.1.16: affected
4.0.0 (custom) before 4.0.0.305: affected
4.1.0 (custom) before 4.1.0.166: affected
4.2.0 (custom) before 4.2.0.100: affected
4.3.0 (custom) before 4.3.0.16: affected

Default status: unknown
4.9.0 (custom) before 4.9.0.10: affected
5.0.0 (custom) before 5.0.0.28: affected

Default status: unknown
2.2.0 (custom) before 2.2.0.27: affected

Default status: unaffected
Any version before 1.0.0: unknown
1.0.0 (custom) before 1.0.0.49: affected

Default status: unaffected
Any version before 1.3.0: unknown
1.3.0 (custom) before 1.3.0.132: affected
1.4.0 (custom) before 1.4.0.135: affected
1.5.0 (custom) before 1.5.0.137: affected
2.0.0 (custom) before 2.0.0.342: affected

Default status: unknown
4.4.10 (custom) before 4.4.10.3: affected
4.6.1 (custom) before 4.6.1.4: affected
4.6.6 (custom) before 4.6.6.9: affected
4.6.10 (custom) before 4.6.10.4: affected
4.6.16 (custom) before 4.6.16.2: affected
4.6.19 (custom) before 4.6.19.10: affected
4.6.64 (custom) before 4.6.64.2: affected
4.6.67 (custom) before 4.6.67.15: affected
4.6.89 (custom) before 4.6.89.12: affected
4.6.105 (custom) before 4.6.105.59: affected
4.6.150 (custom) before 4.6.150.11: affected
4.7.20 (custom) before 4.7.20.5: affected
4.7.30 (custom) before 4.7.30.42: affected
4.7.35 (custom) before 4.7.35.5: affected
4.7.61 (custom) before 4.7.61.56: affected
4.7.99 (custom) before 4.7.99.299: affected
4.7.131 (custom) before 4.7.131.15: affected
4.7.175 (custom) before 4.7.175.18: affected
4.7.188 (custom) before 4.7.188.5: affected
4.7.204 (custom) before 4.7.204.5: affected
4.7.216 (custom): unaffected

Credits

Anonymous working with Trend Micro Zero Day Initiative (reporter)

References

security.docs.wso2.com/...ty-advisories/2025/WSO2-2024-3566/ (vendor advisory)

cve.org (CVE-2024-7074)

nvd.nist.gov (CVE-2024-7074)
