AI description
CVE-2024-57968 is an unrestricted file upload vulnerability in Advantive VeraCore software prior to version 2024.4.2.1. It allows authenticated remote users to upload files of dangerous types to unintended folders within the application. These folders may then be accessible to other users browsing the web application. The vulnerability specifically involves the `upload.aspx` file. This vulnerability was exploited by the XE Group, a cybercriminal group, to upload web shells, granting them unauthorized access to compromised systems. The fix for this vulnerability is available in VeraCore version 2024.4.2.1 and later. It is recommended to update to the latest version to mitigate this risk.
- Description
- Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users). upload.aspx can be used for this.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.9
- Impact score
- 6
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- cve@mitre.org
- CWE-434
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
🛑 تطوّرت مجموعة XE ولم تعد تقتصر على سرقة بيانات بطاقات الائتمان فقط، بل أصبحت تستغل الثغرات الأمنية غير المكتشفة (مثل CVE-2024-57968 في VeraCore) لاستهداف سلاسل التوريد. بمجرد اختراقهم، يمكنهم تشغيل جلسات عكسية (reverse shells)، وسحب الملفات، وحتى تعديل البيانات #sparrows |…
@hiddenlockT
10 Feb 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Gruppo XE sfrutta vulnerabilità zero-day: salto di qualità evidente Sicurezza Informatica, attacchi supply chain, carte di credito, CVE-2024-57968, cybercrime, gruppo XE, skimming, vulnerabilità, webshell, zero-day https://t.co/5WjKlcEXNk https://t.co/AFCiRMXeGF
@matricedigitale
10 Feb 2025
28 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 ALERT: XE Group exploits VeraCore Zero-Day vulnerabilities (CVE-2024-57968 & CVE-2025-25181) to deploy persistent web shells! 🚀 🔴 Organizations must update to version 2024.4.2.1+ ASAP! 🔍 Stay vigilant: Monitor file uploads, enforce strict access controls & deploy W
@AekzIndia
10 Feb 2025
12 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🛑 XE Group has evolved. They’re no longer just stealing credit card data—they’re exploiting zero-day vulnerabilities (like CVE-2024-57968 in VeraCore) to target supply chains Once in, they can drop reverse shells, exfiltrate.. #Cybersecurity #Hackers https://t.co/CB3dkqsSnY
@CEEKTechnology
10 Feb 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 XE Group targets supply chains by exploiting zero-day vulnerabilities like CVE-2024-57968 to deploy persistent web shells. Patching is crucial as old flaws still pose risks. 🛠️🔒 #CyberThreat #SupplyChain #USA link: https://t.co/a8DQH3fpsb https://t.co/Odv4ShyYAQ
@TweetThreatNews
10 Feb 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛑 XE Group has evolved. They’re no longer just stealing credit card data—they’re exploiting zero-day vulnerabilities (like CVE-2024-57968 in VeraCore) to target supply chains Once in, they can drop reverse shells, exfiltrate files, and even modify d... https://t.co/gxO9ZBMy0x
@IT_news_for_all
10 Feb 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛑 XE Group has evolved. They’re no longer just stealing credit card data—they’re exploiting zero-day vulnerabilities (like CVE-2024-57968 in VeraCore) to target supply chains Once in, they can drop reverse shells, exfiltrate files, and even modify data https://t.co/G8bX6kgYnH
@TheHackersNews
10 Feb 2025
13152 Impressions
18 Retweets
41 Likes
6 Bookmarks
4 Replies
2 Quotes
CVE-2024-57968 02/03/2025 08:15:36 PM BaseSeverity: CRITICAL Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are acce... https://t.co/6EYFXUu8nT
@CVETracker
4 Feb 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-57968 Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by ot… https://t.co/1ATUailTkN
@CVEnew
3 Feb 2025
381 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-57968: CRITICAL] Beware! Advantive VeraCore before 2024.4.2.1 permits authenticated users to upload files to wrong folders, posing a cybersecurity risk. Take precautions.#cybersecurity,#vulnerability https://t.co/AYyG6mV8Y3 https://t.co/hceKPL2q33
@CveFindCom
3 Feb 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes