CVE-2024-33120

9.8 CRITICAL

📋 TL;DR

Roothub v2.5 contains an arbitrary file upload vulnerability in the upload() function via the customPath parameter. Attackers can upload crafted JSP files to execute arbitrary code on affected systems. This affects all deployments of Roothub v2.5.

💻 Affected Systems

Products:
  • Roothub
Versions: v2.5
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Any deployment with the vulnerable upload() function accessible is affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with remote code execution leading to data theft, ransomware deployment, or complete system takeover.

🟠 Likely Case

Webshell installation allowing persistent access, data exfiltration, and lateral movement within the network.

🟢 If Mitigated

Limited impact with proper file upload restrictions and web application firewalls blocking malicious uploads.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to the upload function but is straightforward once obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://roothub.com

Restart Required: No

Instructions:

Check vendor website for updates. If unavailable, implement workarounds immediately.

🔧 Temporary Workarounds

Restrict File Upload Types

Applies to: all

Configure the web server to reject JSP file uploads and limit accepted files to safe extensions.

# Configure in web server (e.g., Apache/Nginx) to block .jsp uploads

Implement File Upload Validation

Applies to: all

Add server-side validation that checks file type, file content and the target path before saving.

# Add validation in upload() function to verify file type and path
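The following is an added example of what the server-side validation described above looks like in practice; it is not Roothub's code and does not reproduce its upload() function. It assumes an upload root directory (UPLOAD_ROOT), that only image uploads are legitimate for the endpoint, and that the caller passes the client-supplied file name, the raw bytes and the customPath value. The three checks correspond to the three ways the vulnerability is reached: a last-extension allowlist (so `page.jsp` and `a.png.jsp` are both rejected), a magic-byte check so the content must match the claimed type, and confinement of customPath under the upload root so neither `..` segments nor absolute paths can place a file in a web-served directory.

```python
"""Hardened upload validation (added example, not Roothub's code)."""
from __future__ import annotations

from pathlib import Path

UPLOAD_ROOT = Path("/var/roothub/uploads")  # assumed location of the upload directory

# Allowlist: only the extensions this endpoint is meant to accept.
ALLOWED_EXTENSIONS = {"png", "jpg", "jpeg", "gif"}

# Leading bytes for each allowed type, so the content must match the claimed extension.
MAGIC = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}


def check_extension(filename: str) -> tuple[bool, str]:
    """Allowlist the LAST extension; 'page.jsp' and 'a.png.jsp' are both rejected."""
    name = Path(filename).name  # drop any directory components the client sent
    if "." not in name:
        return False, "missing extension"
    stem, ext = name.rsplit(".", 1)
    if not stem:
        return False, "missing base name"
    ext = ext.lower()
    if ext not in ALLOWED_EXTENSIONS:
        return False, f"extension not allowed: {ext}"
    return True, ext


def check_content(content: bytes, ext: str) -> bool:
    """Reject bytes whose header does not match the allowed type."""
    return any(content.startswith(magic) for magic in MAGIC[ext])


def resolve_target(custom_path: str, filename: str) -> Path | None:
    """Confine customPath under UPLOAD_ROOT; return None for traversal or an empty target."""
    # Leading slashes are stripped so an absolute customPath cannot replace the root on join.
    sub = (custom_path or "").lstrip("/\\")
    root = UPLOAD_ROOT.resolve()
    candidate = (UPLOAD_ROOT / sub / Path(filename).name).resolve()
    if candidate == root or not candidate.is_relative_to(root):
        return None
    return candidate


def validate_upload(filename: str, content: bytes, custom_path: str) -> tuple[bool, str]:
    """Return (accepted, reason_or_target_path) for one upload request."""
    ok, ext_or_reason = check_extension(filename)
    if not ok:
        return False, ext_or_reason
    if not check_content(content, ext_or_reason):
        return False, "content does not match extension"
    target = resolve_target(custom_path, filename)
    if target is None:
        return False, "customPath escapes upload root"
    return True, str(target)


if __name__ == "__main__":
    # Constructed requests: one legitimate image, then the rejected cases.
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    for name, data, path in [
        ("avatar.png", png, "avatars"),
        ("page.jsp", b"not an image", "avatars"),
        ("a.png.jsp", b"not an image", "avatars"),
        ("avatar.png", b"not an image", "avatars"),
        ("avatar.png", png, "../../webapps/ROOT"),
    ]:
        print(name, path, "->", validate_upload(name, data, path))
```

The order of the checks matters: the cheap name check runs first, the content check second, and the path check last, so a request is refused on the first failing condition and the reason can be logged against the "Unusual file uploads to custom paths" indicator listed under Detection.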

🧯 If You Can't Patch

  • Isolate affected systems from internet and critical internal networks.
  • Implement strict network segmentation and monitor for unusual file upload activity.

🔍 How to Verify

Check if Vulnerable:

Check whether the deployment runs Roothub v2.5 and whether the upload() function with the customPath parameter is reachable.

Check Version:

# Check application version in configuration or admin panel

Verify Fix Applied:

Test file upload with JSP extension; it should be rejected or sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to custom paths
  • JSP file creation in web directories

Network Indicators:

  • HTTP POST requests to upload endpoints with JSP files

SIEM Query:

source="web_logs" AND (method="POST" AND uri CONTAINS "upload" AND file_extension="jsp")
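The SIEM query above can be reproduced as detection logic over log records, which also makes its blind spots visible. The following is an added example, not part of the advisory or of Roothub: it assumes the application logs each upload as one JSON object per line with the fields ts, src_ip, method, uri, file_name and custom_path (assumed names; map them to whatever your logging emits). It goes beyond the literal query in three ways: the extension match is case-insensitive and includes .jspx, every extension segment is checked so `a.png.jsp` is caught, and the "unusual file uploads to custom paths" indicator is implemented by flagging `..` segments or absolute values in customPath.

```python
"""Detection logic for upload-endpoint abuse over constructed web-log records (added example)."""
from __future__ import annotations

import json
from typing import Iterable

# Extensions a servlet container executes. The query's literal file_extension="jsp"
# misses the upper-case and .jspx spellings, so all of these are matched case-insensitively.
EXECUTABLE_EXTENSIONS = {"jsp", "jspx"}

# Constructed sample records (RFC 5737 documentation addresses, fictitious timestamps).
SAMPLE_LOG_LINES = [
    '{"ts":"2024-05-01T10:00:01Z","src_ip":"203.0.113.5","method":"POST","uri":"/api/upload","file_name":"avatar.png","custom_path":"avatars"}',
    '{"ts":"2024-05-01T10:00:07Z","src_ip":"198.51.100.7","method":"POST","uri":"/api/upload","file_name":"page.JSP","custom_path":"avatars"}',
    '{"ts":"2024-05-01T10:00:09Z","src_ip":"198.51.100.7","method":"POST","uri":"/api/upload","file_name":"a.png.jsp","custom_path":"avatars"}',
    '{"ts":"2024-05-01T10:00:12Z","src_ip":"198.51.100.7","method":"POST","uri":"/api/upload","file_name":"index.jspx","custom_path":"../../webapps/ROOT"}',
    '{"ts":"2024-05-01T10:01:00Z","src_ip":"203.0.113.5","method":"GET","uri":"/api/upload","file_name":null,"custom_path":null}',
]


def classify(record: dict) -> list[str]:
    """Return the reasons one upload record is suspicious (empty list means benign)."""
    reasons: list[str] = []
    uri = (record.get("uri") or "").lower()
    # Scope of the SIEM query: POST requests to an upload endpoint.
    if record.get("method") != "POST" or "upload" not in uri:
        return reasons
    name = record.get("file_name") or ""
    # Every extension segment is inspected, so "a.png.jsp" is caught and not only the last one.
    exts = [part.lower() for part in name.split(".")[1:]]
    if any(ext in EXECUTABLE_EXTENSIONS for ext in exts):
        reasons.append(f"executable extension: {name}")
    if len(exts) > 1:
        # Hunting heuristic: legitimate names such as "my.photo.png" will also trip this.
        reasons.append(f"double extension: {name}")
    custom_path = (record.get("custom_path") or "").replace("\\", "/")
    # "Unusual file uploads to custom paths": traversal segments or an absolute customPath.
    if ".." in custom_path.split("/") or custom_path.startswith("/"):
        reasons.append(f"customPath outside upload root: {custom_path}")
    return reasons


def scan(lines: Iterable[str]) -> list[tuple[str, str, list[str]]]:
    """Apply classify() to JSON-lines records; return (ts, src_ip, reasons) for each hit."""
    hits = []
    for line in lines:
        record = json.loads(line)
        reasons = classify(record)
        if reasons:
            hits.append((record["ts"], record["src_ip"], reasons))
    return hits


if __name__ == "__main__":
    for ts, src, reasons in scan(SAMPLE_LOG_LINES):
        print(ts, src, "; ".join(reasons))
```

Run against the constructed records, the benign PNG upload and the GET request produce no hit, while the three uploads from 198.51.100.7 are flagged; grouping hits by src_ip over a short window is the natural next step for turning this into an alert.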
