cbcvebase.
CVE-2024-31819
published 2024-04-10

CVE-2024-31819: An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php…

PriorityP272critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
15.63%
96.4th percentile
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.

Affected

2 ranges
VendorProductVersion rangeFixed in
wwbnavideo>= 12.4 < 14.314.3
wwbnavideo12.4 – 14.2

Detection & IOCsextracted from sources · hover to see the quote

pathsubmitIndex.php
othersystemRootPath
  • Monitor HTTP requests targeting submitIndex.php with a user-supplied systemRootPath parameter, which may indicate exploitation of CVE-2024-31819.
  • Detect PHP filter chaining payloads passed to the systemRootPath parameter in requests to submitIndex.php, as the exploit leverages this technique to achieve unauthenticated RCE.
  • Flag unauthenticated POST/GET requests to submitIndex.php on AVideo instances (versions 12.4–14.2), as no authentication is required to trigger the vulnerability.
  • ·Affected versions are limited to WWBN AVideo v12.4 through v14.2; detections should be scoped to these versions to reduce false positives.
  • ·The vulnerability is in the WWBNIndex plugin specifically; ensure detection rules target the plugin's submitIndex.php path rather than any generic AVideo endpoint.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.