CVE-2024-24554

8.2 HIGH

📋 TL;DR

This vulnerability in Bludit allows attackers to bypass authentication by predicting security-sensitive tokens that are generated with weak MD5 hashing from predictable inputs. Attackers can authenticate against the Bludit API without valid credentials. All Bludit installations running vulnerable versions are affected.

💻 Affected Systems

Products:
  • Bludit
Versions: All versions prior to 4.0.0
Operating Systems: All platforms running Bludit
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations are vulnerable; no special configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise allowing attackers to gain administrative access, modify content, upload malicious files, and potentially achieve remote code execution.

🟠 Likely Case: Unauthorized access to the Bludit admin panel leading to content manipulation, user account compromise, and potential data exfiltration.

🟢 If Mitigated: Limited impact if API access is restricted or additional authentication layers are in place, though the authentication bypass itself remains possible.

🌐 Internet-Facing: HIGH - Bludit installations exposed to the internet are directly vulnerable to remote exploitation.
🏢 Internal Only: MEDIUM - Internal systems are still vulnerable but require network access; risk increases if internal attackers exist.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires knowledge of how the tokens are generated, but is straightforward once that is understood.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.0.0

Vendor Advisory: https://github.com/bludit/bludit/releases/tag/4.0.0

Restart Required: No

Instructions:

1. Back up your Bludit installation.
2. Download Bludit 4.0.0 or later from the official repository.
3. Replace all files except the /bl-content folder.
4. Verify the update completed successfully.

🔧 Temporary Workarounds

Restrict API Access

Block external access to Bludit API endpoints using firewall rules or web server configuration. Note that this also blocks any legitimate clients that use the API.

# Example for Apache (server or virtual host config; in .htaccess drop the leading slash from the pattern):
RewriteEngine On
RewriteRule ^/api/.* - [F]

# Example for Nginx (inside the server block):
location ~ ^/api/ { deny all; }

Implement Web Application Firewall

Deploy a WAF to detect and block authentication bypass attempts.

🧯 If You Can't Patch

  • Isolate Bludit installation on internal network segments with strict access controls.
  • Implement multi-factor authentication or additional authentication layers for admin access.

🔍 How to Verify

Check if Vulnerable:

Check the Bludit version in the admin panel, or examine /bl-content/databases/site.php for version information.

Check Version:

grep -r '"version"' /path/to/bludit/bl-content/databases/site.php

Verify Fix Applied:

Confirm the version is 4.0.0 or higher in the admin dashboard, and confirm that API requests carrying invalid tokens are rejected.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authentication attempts followed by successful API access with unusual tokens
  • Admin panel access from unexpected IP addresses

Network Indicators:

  • Unusual API request patterns, especially authentication-related endpoints

SIEM Query:

source="bludit.log" AND ("api" AND "token") AND status=200
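The first log indicator above (failed authentication attempts followed by successful API access from the same source) as a sequence check, added here as an example that is not part of this page or of Bludit. It parses combined-format access log lines (constructed below) and flags an IP whose repeated 401/403 responses on /api/ are followed within a short window by a 200 on /api/; the log layout, the /api/pages path and the thresholds are assumptions to tune to your own web server.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in Apache/Nginx combined-log style (not real Bludit logs).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Feb/2024:12:00:01 +0000] "POST /api/pages HTTP/1.1" 401 48
203.0.113.7 - - [10/Feb/2024:12:00:02 +0000] "POST /api/pages HTTP/1.1" 401 48
203.0.113.7 - - [10/Feb/2024:12:00:03 +0000] "POST /api/pages HTTP/1.1" 401 48
203.0.113.7 - - [10/Feb/2024:12:00:09 +0000] "POST /api/pages HTTP/1.1" 200 312
198.51.100.4 - - [10/Feb/2024:12:05:00 +0000] "GET /api/pages HTTP/1.1" 200 1024
198.51.100.9 - - [10/Feb/2024:12:06:00 +0000] "POST /api/pages HTTP/1.1" 401 48
198.51.100.9 - - [10/Feb/2024:12:20:00 +0000] "POST /api/pages HTTP/1.1" 200 312
"""

# Assumed combined log layout: ip ident user [timestamp] "METHOD path proto" status size
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def parse(line):
    """Return (ip, timestamp, path, status) or None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"], int(m["status"])

def find_bypass_candidates(log_text, min_failures=2, window=timedelta(minutes=5)):
    """Return (ip, iso_timestamp) pairs where an IP produced at least
    min_failures 401/403 responses on /api/ within `window`, followed by a 200 on /api/."""
    failures = defaultdict(list)   # ip -> timestamps of recent failed API requests
    hits = []
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or not rec[2].startswith("/api/"):
            continue
        ip, ts, _path, status = rec
        # Forget failures older than the window before evaluating this request
        failures[ip] = [t for t in failures[ip] if ts - t <= window]
        if status in (401, 403):
            failures[ip].append(ts)
        elif status == 200 and len(failures[ip]) >= min_failures:
            hits.append((ip, ts.isoformat()))
            failures[ip].clear()   # report each burst once
    return hits

if __name__ == "__main__":
    for ip, when in find_bypass_candidates(SAMPLE_LOG):
        print(f"possible API auth bypass from {ip} at {when}")
```

Only the first source is flagged: the second has no failures, and the third's single failure is both below the threshold and outside the window.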
