CVE-2024-13022

6.3 MEDIUM

📋 TL;DR

This vulnerability in Tarzan CMS 1.0.0 (rated 6.3 MEDIUM) allows remote attackers to upload arbitrary files without restriction via the UploadResponse function in the article management component. An attacker can use it to upload malicious files such as web shells and potentially gain full control of the affected system. Any system running the vulnerable version is at risk.

💻 Affected Systems

Products:
  • taisan tarzan-cms
Versions: 1.0.0
Operating Systems: All platforms running Java
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the article management upload functionality specifically


⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise via web shell upload leading to data theft, ransomware deployment, or use as attack infrastructure

🟠 Likely Case: Unauthorized file upload leading to web shell installation and limited server compromise

🟢 If Mitigated: File upload attempts blocked or logged with no successful exploitation

🌐 Internet-Facing: HIGH - Remote exploitation possible without authentication
🏢 Internal Only: MEDIUM - Still exploitable from internal networks but attack surface reduced

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details publicly disclosed on Gitee issue tracker

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://gitee.com/taisan/tarzan-cms/issues/IBCUPG

Restart Required: Yes

Instructions:

1. Check vendor for official patch
2. Apply patch if available
3. Restart application server
4. Verify fix

🔧 Temporary Workarounds

Web Application Firewall Rule
Platform: all
Block file upload requests to the vulnerable endpoint
WAF specific - block POST requests to */admin/controller/common/UploadController*

File Upload Restriction
Platform: all
Implement server-side file type validation and size limits
Application configuration - restrict allowed file extensions and implement virus scanning
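The server-side check the workaround calls for, as an added example (this is not Tarzan CMS code and does not reflect its upload handler): an allowlist of permitted extensions, a size limit, a magic-number check that the content actually matches the claimed type, and a server-chosen random filename so the client-supplied name is never used on disk. The allowlist, the 2 MiB limit and the field names are assumptions for the example.

```python
# Added example (not Tarzan CMS code): allowlist-based server-side upload check.
import secrets
from dataclasses import dataclass

# Assumed policy for an article-image upload endpoint: an allowlist of
# extensions, each with the leading bytes (magic numbers) that type must start with.
ALLOWED_TYPES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}
MAX_UPLOAD_BYTES = 2 * 1024 * 1024  # 2 MiB, an assumed site policy


@dataclass
class UploadDecision:
    accepted: bool
    reason: str
    stored_name: str = ""  # random server-chosen name; the client name is never reused


def file_extension(filename: str) -> str:
    """Lower-cased text after the last dot of the base name, '' if there is none."""
    base = filename.rsplit("/", 1)[-1].rsplit("\\", 1)[-1]  # strip any client-side path
    return base.rsplit(".", 1)[-1].lower() if "." in base else ""


def validate_upload(filename: str, data: bytes, max_bytes: int = MAX_UPLOAD_BYTES) -> UploadDecision:
    """Decide whether an uploaded file may be stored; every rejection names its reason."""
    ext = file_extension(filename)
    if ext not in ALLOWED_TYPES:
        # Allowlist, not denylist: anything not explicitly permitted is refused,
        # so .jsp/.php/.exe and unknown extensions never reach disk.
        return UploadDecision(False, f"extension '{ext or '(none)'}' not in allowlist")
    if len(data) == 0:
        return UploadDecision(False, "empty upload")
    if len(data) > max_bytes:
        return UploadDecision(False, f"{len(data)} bytes exceeds limit of {max_bytes}")
    if not any(data.startswith(magic) for magic in ALLOWED_TYPES[ext]):
        # The extension alone proves nothing; the bytes must match the claimed type.
        return UploadDecision(False, f"content does not look like a .{ext} file")
    # Store under a random name so the client cannot choose the path or extension.
    return UploadDecision(True, "ok", f"{secrets.token_hex(16)}.{ext}")


if __name__ == "__main__":
    # Constructed samples: a minimal PNG header and a file that only claims to be PNG.
    png_sample = b"\x89PNG\r\n\x1a\n" + b"\x00" * 64
    for name, payload in [("photo.png", png_sample), ("cmd.jsp", b"<% %>"), ("logo.png", b"plain text")]:
        print(name, validate_upload(name, payload))
```

Store accepted files outside the web root (or on a host that never executes them) and serve them through a handler that sets the content type itself; the random name removes the client's control over the stored path, and the content check is what blocks a script renamed with an allowed extension.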

🧯 If You Can't Patch

  • Disable article upload functionality completely
  • Implement network segmentation to isolate CMS from critical systems

🔍 How to Verify

Check if Vulnerable:

Check if running tarzan-cms version 1.0.0 and test file upload endpoint for unrestricted upload

Check Version:

Check application configuration or package manager for tarzan-cms version

Verify Fix Applied:

Attempt to upload restricted file types (e.g., .jsp, .php) and verify they are rejected

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to /admin/controller/common/UploadController
  • Uploads of executable file types
  • Multiple failed upload attempts

Network Indicators:

  • POST requests to upload endpoint with suspicious file names
  • Traffic patterns indicating file upload exploitation

SIEM Query:

source="web_logs" AND uri="/admin/controller/common/UploadController" AND (file_extension="jsp" OR file_extension="php" OR file_extension="exe")
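The SIEM query and the "multiple failed upload attempts" indicator above, as an added example run over constructed application-log records (this is not part of the advisory and the JSON field names src_ip, file_name and status are assumed, not the CMS's real log schema): it flags any upload to the UploadController URI whose file extension is jsp, php or exe, and separately counts failed uploads per source address.

```python
# Added example (not from the advisory or the Tarzan CMS project): the SIEM
# query applied to constructed JSON log records, plus a per-source-IP counter
# for the "multiple failed upload attempts" indicator.
import json
from collections import Counter

UPLOAD_URI = "/admin/controller/common/UploadController"
EXECUTABLE_EXTS = {"jsp", "php", "exe"}  # the extensions named in the SIEM query

# Constructed sample records (one JSON object per line). Field names are assumed.
SAMPLE_LOG = """\
{"ts":"2025-01-10T09:12:01Z","src_ip":"203.0.113.7","method":"POST","uri":"/admin/controller/common/UploadController","file_name":"banner.png","status":200}
{"ts":"2025-01-10T09:12:09Z","src_ip":"203.0.113.7","method":"POST","uri":"/admin/controller/common/UploadController","file_name":"cmd.jsp","status":200}
{"ts":"2025-01-10T09:13:00Z","src_ip":"198.51.100.4","method":"POST","uri":"/admin/controller/common/UploadController","file_name":"notes.txt","status":400}
{"ts":"2025-01-10T09:13:02Z","src_ip":"198.51.100.4","method":"POST","uri":"/admin/controller/common/UploadController","file_name":"x.php","status":400}
{"ts":"2025-01-10T09:13:05Z","src_ip":"198.51.100.4","method":"POST","uri":"/admin/controller/common/UploadController","file_name":"y.exe","status":400}
{"ts":"2025-01-10T09:14:00Z","src_ip":"192.0.2.9","method":"GET","uri":"/article/list","status":200}
"""


def file_extension(name: str) -> str:
    """Lower-cased text after the last dot, '' if there is none."""
    return name.rsplit(".", 1)[-1].lower() if "." in name else ""


def parse_records(text: str) -> list[dict]:
    """One dict per non-empty JSON line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def matches_siem_query(rec: dict) -> bool:
    """The page's query: upload URI AND file_extension in (jsp, php, exe)."""
    return rec.get("uri") == UPLOAD_URI and file_extension(rec.get("file_name", "")) in EXECUTABLE_EXTS


def failed_upload_counts(records: list[dict]) -> Counter:
    """Failed (HTTP >= 400) upload attempts per source address."""
    return Counter(
        rec.get("src_ip", "?")
        for rec in records
        if rec.get("uri") == UPLOAD_URI and int(rec.get("status", 0)) >= 400
    )


def find_alerts(text: str, failed_threshold: int = 3) -> list[dict]:
    """Return one alert per executable upload, plus one per source exceeding the failure threshold."""
    records = parse_records(text)
    alerts = []
    for rec in records:
        if matches_siem_query(rec):
            # A 200 here means the upload went through: treat as a probable web shell drop.
            alerts.append({"type": "executable_upload", "src_ip": rec.get("src_ip"),
                           "file_name": rec["file_name"], "status": rec.get("status"), "ts": rec.get("ts")})
    for ip, count in failed_upload_counts(records).items():
        if count >= failed_threshold:
            alerts.append({"type": "repeated_failed_uploads", "src_ip": ip, "count": count})
    return alerts


if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(alert)
```

On the sample data the query hits three records (cmd.jsp, x.php, y.exe) and the counter raises a fourth alert for the address with three failed attempts. The status field matters for triage: a flagged upload that returned 200 on an unpatched 1.0.0 instance should be treated as a likely successful web shell placement, while a run of 4xx responses after the workaround is in place is evidence the restriction is working.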
