CVE-2024-31819
Published 2024-04-10
Priority: P272, critical, 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 15.63% (96.4th percentile)
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wwbn | avideo | >= 12.4 < 14.3 | 14.3 |
| wwbn | avideo | 12.4 – 14.2 | — |
Detection & IOCs (extracted from sources)
- Monitor HTTP requests targeting submitIndex.php with a user-supplied systemRootPath parameter, which may indicate exploitation of CVE-2024-31819.
- Detect PHP filter chaining payloads passed to the systemRootPath parameter in requests to submitIndex.php, as the exploit leverages this technique to achieve unauthenticated RCE.
- Flag unauthenticated POST/GET requests to submitIndex.php on AVideo instances (versions 12.4–14.2), as no authentication is required to trigger the vulnerability.
- Affected versions are limited to WWBN AVideo v12.4 through v14.2; detections should be scoped to these versions to reduce false positives.
- The vulnerability is in the WWBNIndex plugin specifically; ensure detection rules target the plugin's submitIndex.php path rather than any generic AVideo endpoint.
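
The detection points above, as an added example (not code from this page or from the AVideo project): a Python triage pass over web-server access logs that scopes to the WWBNIndex plugin's submitIndex.php and grades each hit. The combined log format, the `/plugin/` URL prefix and every sample line are constructed assumptions; POST bodies do not appear in access logs and need WAF or request-body logging instead.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def classify(line):
    """Return None, 'param' or 'filter-chain' for one access-log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    path = unquote(url.path).lower()
    # Scope to the WWBNIndex plugin's submitIndex.php, not any AVideo endpoint.
    if "wwbnindex" not in path or not path.endswith("submitindex.php"):
        return None
    # parse_qs percent-decodes each value once.
    values = parse_qs(url.query, keep_blank_values=True).get("systemRootPath", [])
    for value in values:
        decoded = value
        for _ in range(3):  # peel nested percent-encoding used to dodge filters
            decoded = unquote(decoded)
        if "php://filter" in decoded.lower():
            return "filter-chain"  # PHP filter wrapper in the parameter
    # Any user-supplied systemRootPath on this endpoint is still worth review.
    return "param" if values else None

def scan(lines):
    """Return (line_number, verdict) for every line that needs attention."""
    hits = []
    for number, line in enumerate(lines, start=1):
        verdict = classify(line)
        if verdict:
            hits.append((number, verdict))
    return hits

# Constructed sample lines (documentation IP ranges, placeholder values).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Apr/2024:10:00:01 +0000] "GET /plugin/WWBNIndex/submitIndex.php?systemRootPath=php%3A%2F%2Ffilter%2Fconvert.base64-encode%2Fresource%3Dplaceholder HTTP/1.1" 200 12',
    '203.0.113.7 - - [10/Apr/2024:10:00:02 +0000] "GET /plugin/WWBNIndex/submitIndex.php?systemRootPath=php%253A%252F%252Ffilter%252Fplaceholder HTTP/1.1" 200 12',
    '198.51.100.4 - - [10/Apr/2024:10:00:03 +0000] "POST /plugin/WWBNIndex/submitIndex.php?systemRootPath=/var/www/ HTTP/1.1" 200 12',
    '198.51.100.9 - - [10/Apr/2024:10:00:04 +0000] "GET /view/index.php?systemRootPath=php%3A%2F%2Ffilter HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for number, verdict in scan(SAMPLE_LOG):
        print(f"line {number}: {verdict}")
```
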
OSV
WWBN AVideo Remote Code Execution
osv·2024-04-10
CVE-2024-31819 [CRITICAL] WWBN AVideo Remote Code Execution
GHSA
WWBN AVideo Remote Code Execution
ghsa·2024-04-10
CVE-2024-31819 [CRITICAL] CWE-94 WWBN AVideo Remote Code Execution
No detection rules found.
No writeups or analysis indexed.