CVE-2024-13144

6.3 MEDIUM

📋 TL;DR

This vulnerability (CVSS 6.3, Medium) in My-Blog 1.0 allows remote attackers to upload arbitrary files without restriction via the uploadFileByEditomd method of BlogController.java. Because My-Blog is a Java web application, an attacker can use it to place server-side code such as a JSP webshell on the host. All users running My-Blog 1.0 are affected.

💻 Affected Systems

Products:
  • zhenfeng13 My-Blog
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default configuration of My-Blog 1.0.

📦 What is this software?

My-Blog (zhenfeng13/My-Blog) is an open-source personal blog application written in Java; the affected code sits in its Java source tree under src/main/java/com/site/blog/my/core. The vulnerable method backs the Markdown editor's file upload feature.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data theft, and lateral movement within the network.

🟠 Likely Case

Attackers upload webshells to gain persistent access, deface the site, or use the server for further malicious activity.

🟢 If Mitigated

File uploads are blocked or properly validated (extension allow-list, content check, randomised filename, non-executable storage location), preventing malicious file execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly disclosed in GitHub issues, making exploitation straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch is available. Consider upgrading to a newer version if one exists, or apply workarounds.

🔧 Temporary Workarounds

Disable file upload functionality (applies to: all)

Temporarily disable the uploadFileByEditomd endpoint or restrict access to it. In src/main/java/com/site/blog/my/core/controller/admin/BlogController.java, comment out or remove the uploadFileByEditomd method (or its request mapping) and redeploy; the Markdown editor's image upload will stop working until a validated replacement is in place.

Implement file upload validation (applies to: all)

Add server-side validation that restricts file types, extensions, and content. Concretely: allow-list the permitted extensions (e.g. only .jpg, .png, .gif), verify the file signature (magic bytes) matches the claimed type, discard the client-supplied filename in favour of a generated one, and store uploads in a directory the servlet container will not execute.
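The following is an added example of such a validator, written by the editor in Java; it is not My-Blog's code and it is not a patch from the project. It assumes a hypothetical upload root of /var/www/my-blog/upload and a 5 MiB size cap, and it deliberately avoids Spring dependencies so it compiles and runs on its own (Java 17 or later). The point it makes beyond the text above: the extension allow-list alone is not enough, because a JSP payload renamed to .png passes it; the magic-byte check catches that case, and the generated filename makes the client's name (including any ../ traversal) irrelevant.

```java
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;

/** Added example (not My-Blog's code): server-side checks for an image-only upload endpoint. */
public final class UploadValidator {

    // Allow-list of extensions and the magic bytes a file of that type must start with.
    private static final Map<String, byte[]> MAGIC = Map.of(
        "png",  new byte[] {(byte) 0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A},
        "jpg",  new byte[] {(byte) 0xFF, (byte) 0xD8, (byte) 0xFF},
        "jpeg", new byte[] {(byte) 0xFF, (byte) 0xD8, (byte) 0xFF},
        "gif",  new byte[] {'G', 'I', 'F', '8'}
    );
    private static final long MAX_BYTES = 5L * 1024 * 1024; // hypothetical 5 MiB cap

    /** Either a safe storage path (ok == true) or a rejection reason. */
    public record Result(boolean ok, String reason, Path storedAs) {}

    public static Result validate(String originalName, byte[] content, Path uploadRoot) {
        if (content == null || content.length == 0) return reject("empty upload");
        if (content.length > MAX_BYTES) return reject("file too large");

        // Use only the last path segment: a client name like "../../x.png" must not steer the path.
        String base = Paths.get(originalName.replace('\\', '/')).getFileName().toString();
        int dot = base.lastIndexOf('.');
        if (dot < 0 || dot == base.length() - 1) return reject("missing extension");
        String ext = base.substring(dot + 1).toLowerCase(Locale.ROOT);

        byte[] magic = MAGIC.get(ext);
        if (magic == null) return reject("extension not allowed: " + ext);
        if (content.length < magic.length
                || !Arrays.equals(Arrays.copyOf(content, magic.length), magic)) {
            return reject("content does not match " + ext + " signature");
        }

        // Never reuse the client's filename: a random name defeats guessing and double-extension tricks.
        Path root = uploadRoot.toAbsolutePath().normalize();
        Path target = root.resolve(UUID.randomUUID() + "." + ext).normalize();
        if (!target.startsWith(root)) return reject("path escapes upload root");
        return new Result(true, null, target);
    }

    private static Result reject(String why) { return new Result(false, why, null); }

    public static void main(String[] args) {
        Path root = Paths.get("/var/www/my-blog/upload"); // hypothetical upload directory
        // Constructed sample inputs: a minimal PNG header and a JSP-style payload.
        byte[] png = {(byte) 0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A, 0, 0, 0, 0x0D};
        byte[] jsp = "<% Runtime.getRuntime().exec(request.getParameter(\"c\")); %>"
                .getBytes(StandardCharsets.UTF_8);

        System.out.println(validate("photo.png", png, root));                // benign image
        System.out.println(validate("shell.jsp", jsp, root));                // disallowed extension
        System.out.println(validate("shell.png", jsp, root));                // JSP bytes disguised as PNG
        System.out.println(validate("../../webapps/ROOT/x.png", png, root)); // traversal in client name
    }
}
```

To wire this into a controller, pass the multipart file's original filename and bytes to validate() and write the content only to the returned storedAs path; keep that directory outside the servlet context root (or served by a static handler that never compiles JSP) so that even a bypass cannot yield code execution.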

🧯 If You Can't Patch

  • Deploy a web application firewall (WAF) with rules to block malicious file uploads.
  • Restrict network access to the My-Blog application to trusted IPs only.

🔍 How to Verify

Check if Vulnerable:

Check whether the application is My-Blog version 1.0 and whether BlogController.java (src/main/java/com/site/blog/my/core/controller/admin/) still contains the uploadFileByEditomd method. The method sits in the admin controller package; confirm in your deployment whether its route is reachable without an admin session, since that determines how exposed the instance really is.

Check Version:

Check the application's version in its configuration files or via the admin interface.

Verify Fix Applied:

Exercise the upload endpoint with test files that should be refused: a file with a non-image extension (e.g. .jsp), and an image-named file whose content is not an image. Both must be rejected, and nothing under the upload directory should be served as executable content.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads, especially with non-image extensions (.jsp, .jspx, .php) or unexpectedly large sizes
  • Subsequent requests for files under the upload directory with executable extensions or query strings (a webshell being used)

Network Indicators:

  • HTTP POST requests to upload endpoints carrying unusual file types, followed by GET requests to the stored file

SIEM Query:

source="web_logs" AND method="POST" AND uri="/admin/upload*" AND (file_extension="jsp" OR file_extension="jspx" OR file_extension="php" OR file_extension="exe")

The upload URI shown is illustrative; substitute the path your deployment actually uses for the editor upload. Pair it with a second query for GET requests to the upload directory with those same extensions, since the access log records the webshell being fetched even when the upload itself logged no filename.
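As an added illustration of the two indicators above (not part of the original page and not My-Blog code), the Java scanner below runs over constructed access-log lines and raises an alert for a POST to an upload endpoint and for any 2xx response serving an executable extension from the public upload path. The upload endpoint path (/admin/upload) and the public upload directory (/upload/) are assumptions for the example.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Added example (not from the page or project): flag upload abuse in access-log lines. */
public final class UploadLogScanner {
    // Matches the request line and status of a Common Log Format entry: "METHOD /path HTTP/x.y" NNN
    private static final Pattern LINE = Pattern.compile("\"(\\w+) (\\S+) HTTP/[\\d.]+\" (\\d{3})");
    private static final Set<String> EXEC_EXT = Set.of("jsp", "jspx", "war", "php", "exe", "sh");
    private static final String UPLOAD_ENDPOINT = "/admin/upload"; // hypothetical editor upload route
    private static final String UPLOAD_DIR = "/upload/";           // hypothetical public path of stored files

    public static List<String> scan(List<String> lines) {
        List<String> alerts = new ArrayList<>();
        for (String line : lines) {
            Matcher m = LINE.matcher(line);
            if (!m.find()) continue; // not a request we can parse
            String method = m.group(1);
            String path = m.group(2).split("\\?", 2)[0].toLowerCase(Locale.ROOT); // drop the query string
            String status = m.group(3);
            int dot = path.lastIndexOf('.');
            String ext = dot < 0 ? "" : path.substring(dot + 1);

            if ("POST".equals(method) && path.startsWith(UPLOAD_ENDPOINT)) {
                alerts.add("upload request: " + line);
            } else if (path.startsWith(UPLOAD_DIR) && EXEC_EXT.contains(ext) && status.startsWith("2")) {
                alerts.add("executable served from upload dir: " + line);
            }
        }
        return alerts;
    }

    public static void main(String[] args) {
        // Constructed sample lines, not real logs.
        List<String> sample = List.of(
            "10.0.0.5 - - [01/Jan/2025:10:00:00 +0000] \"GET /blog/1 HTTP/1.1\" 200 5120",
            "10.0.0.5 - - [01/Jan/2025:10:00:07 +0000] \"POST /admin/upload HTTP/1.1\" 200 88",
            "10.0.0.5 - - [01/Jan/2025:10:00:09 +0000] \"GET /upload/shell.jsp?cmd=id HTTP/1.1\" 200 311",
            "10.0.0.9 - - [01/Jan/2025:10:01:00 +0000] \"GET /upload/photo.png HTTP/1.1\" 200 20480"
        );
        scan(sample).forEach(System.out::println);
    }
}
```

The second rule is the higher-fidelity one: a legitimate deployment never serves a .jsp from the image upload directory, so a single hit there is worth an incident, whereas the POST rule only tells you that the endpoint is in use and needs the uploaded filename (from application logs, if available) to become conclusive.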
