CVE-2024-29841

7.5 HIGH

📋 TL;DR

The Evolution Controller web interface contains an access control vulnerability in the DESKTOP_EDIT_USER_GET_KEYS_FIELDS endpoint that allows unauthenticated attackers to retrieve sensitive key data for any user. This affects Evolution Controller versions 2.04.560.31.03.2024 and below. Organizations running these vulnerable versions are at risk of unauthorized data exposure.

💻 Affected Systems

Products:
  • Evolution Controller
Versions: 2.04.560.31.03.2024 and below
Operating Systems: Not specified, likely various
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the web interface component specifically. All deployments with the vulnerable version are affected.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could obtain administrative credentials or cryptographic keys, leading to complete system compromise, data theft, or lateral movement within the network.

🟠

Likely Case

Attackers harvest user keys and credentials to gain unauthorized access to user accounts and sensitive systems.

🟢

If Mitigated

With proper network segmentation and access controls, impact is limited to the exposed web interface component.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires no authentication and appears to be a simple API endpoint misconfiguration.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Contact the Evolution Controller vendor for patching information.
2. Monitor vendor communications for security updates.
3. Apply patches immediately when available.

🔧 Temporary Workarounds

Network Access Restriction

all

Restrict network access to the Evolution Controller web interface using firewall rules.

Web Application Firewall

all

Deploy a WAF to block requests to the vulnerable DESKTOP_EDIT_USER_GET_KEYS_FIELDS endpoint.

🧯 If You Can't Patch

  • Isolate the Evolution Controller system from untrusted networks and internet access
  • Implement strict network segmentation and monitor for unusual access patterns to the web interface

🔍 How to Verify

Check if Vulnerable:

Attempt an unauthenticated HTTP GET request to the DESKTOP_EDIT_USER_GET_KEYS_FIELDS endpoint and check whether user keys are returned.

Check Version:

Check Evolution Controller web interface version in administration panel or configuration files.

Verify Fix Applied:

Verify the endpoint now requires proper authentication or returns appropriate access denied responses.

📡 Detection & Monitoring

Log Indicators:

  • Unauthenticated requests to DESKTOP_EDIT_USER_GET_KEYS_FIELDS endpoint
  • Multiple failed authentication attempts followed by successful key retrieval

Network Indicators:

  • Unusual HTTP traffic patterns to the Evolution Controller web interface
  • Requests to sensitive endpoints without authentication headers

SIEM Query:

source="evolution_controller" AND uri="/DESKTOP_EDIT_USER_GET_KEYS_FIELDS" AND status=200 AND NOT auth_token=*

All three conditions must be AND-ed: an OR between the URI match and status=200 would match every successful unauthenticated request to the interface (static pages, login forms) and bury the real hits in noise.
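As an added example (not part of this advisory or the product), the detection logic above implemented as a standalone log filter over constructed sample lines. The log layout, a combined-log line with a trailing quoted auth-token field, is an assumption; the page does not describe Evolution Controller's actual log format.

```python
import re

ENDPOINT = "DESKTOP_EDIT_USER_GET_KEYS_FIELDS"

# Constructed sample lines: combined-log layout plus a trailing quoted field
# holding the request's auth token ("-" when none was sent). This layout is an
# assumption; the page does not document Evolution Controller's log format.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Apr/2024:10:00:01 +0000] "GET /DESKTOP_EDIT_USER_GET_KEYS_FIELDS?user=alice HTTP/1.1" 200 512 "-"
10.0.0.5 - - [01/Apr/2024:10:00:02 +0000] "GET /DESKTOP_EDIT_USER_GET_KEYS_FIELDS?user=bob HTTP/1.1" 200 498 "-"
10.0.0.9 - - [01/Apr/2024:10:01:00 +0000] "GET /DESKTOP_EDIT_USER_GET_KEYS_FIELDS?user=carol HTTP/1.1" 200 520 "tok-7f3a"
10.0.0.7 - - [01/Apr/2024:10:02:00 +0000] "GET /index.html HTTP/1.1" 200 1024 "-"
10.0.0.5 - - [01/Apr/2024:10:03:00 +0000] "GET /DESKTOP_EDIT_USER_GET_KEYS_FIELDS?user=dave HTTP/1.1" 401 0 "-"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<token>[^"]*)"$'
)

def find_unauthenticated_key_reads(log_text):
    """Return (ip, timestamp, path) for each request that hit the keys endpoint,
    carried no auth token and got a 200. All three conditions are AND-ed, as in
    the SIEM query above: a 401 on the endpoint or an authenticated 200 is not
    flagged, and an unauthenticated 200 on another path is not either."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not match the assumed layout
        if ENDPOINT not in m["path"].split("?", 1)[0]:
            continue
        if m["status"] == "200" and m["token"] in ("", "-"):
            hits.append((m["ip"], m["ts"], m["path"]))
    return hits

def hits_by_source(hits):
    """Count flagged requests per client IP: one source reading keys for several
    different users in quick succession is the enumeration pattern to alert on."""
    counts = {}
    for ip, _ts, _path in hits:
        counts[ip] = counts.get(ip, 0) + 1
    return counts

if __name__ == "__main__":
    found = find_unauthenticated_key_reads(SAMPLE_LOG)
    for ip, ts, path in found:
        print(f"ALERT {ts} {ip} {path}")
    print(hits_by_source(found))  # {'10.0.0.5': 2}
```

Once the product is patched, the same filter doubles as the "Verify Fix Applied" check: a probe from a test host should show up only as a non-200 status and never as a hit.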
