CVE-2024-3437 – This critical vulnerability in SourceCodester P... (How to Fix)

Q: What is the severity of CVE-2024-3437?

CVE-2024-3437 has a CVSS score of 7.3 (HIGH). This critical vulnerability in SourceCodester Prison Management System 1.0 allows remote attackers to upload arbitrary files via the avatar handler in /Admin/add-admin.php. This can lead to remote code execution, compromising the entire system. Organizations using this specific software version are affected.

📋 TL;DR

This critical vulnerability in SourceCodester Prison Management System 1.0 allows remote attackers to upload arbitrary files via the avatar handler in /Admin/add-admin.php. This can lead to remote code execution, compromising the entire system. Organizations using this specific software version are affected.

💻 Affected Systems

Products:

SourceCodester Prison Management System

Versions: 1.0

Operating Systems: Any OS running the web application

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the /Admin/add-admin.php component specifically. No authentication required for exploitation.

📦 What is this software?

Prison Management System by Fast5

View all CVEs affecting Prison Management System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with remote code execution, data theft, privilege escalation, and potential lateral movement within the network.

🟠

Likely Case

Webshell deployment leading to unauthorized access, data exfiltration, and system manipulation.

🟢

If Mitigated

Limited impact with proper file upload restrictions and web application firewalls blocking malicious uploads.

🌐 Internet-Facing: HIGH - Attack can be initiated remotely without authentication.

🏢 Internal Only: MEDIUM - Internal attackers could exploit, but external threat is higher.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: CONFIRMED

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public exploit code available on GitHub. Attack requires no authentication and is straightforward to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

No official patch available. Consider workarounds or replacing the software.

🔧 Temporary Workarounds

Restrict File Uploads

all

Implement strict file upload validation on the web server to only allow specific file types and sizes.

# Configure web server (e.g., Apache/Nginx) to block uploads to /Admin/add-admin.php
# Implement PHP file upload restrictions in php.ini

Web Application Firewall Rules

all

Deploy WAF rules to block requests to the vulnerable endpoint or malicious file upload patterns.

# Example ModSecurity rule: SecRule REQUEST_URI "@streq /Admin/add-admin.php" "id:1001,deny,status:403"

🧯 If You Can't Patch

Isolate the system from the internet and restrict network access to necessary internal users only.
Implement strict monitoring and alerting for file upload activities to the vulnerable endpoint.

🔍 How to Verify

Check if Vulnerable:

Check if Prison Management System version 1.0 is installed and accessible. Attempt to upload a file to /Admin/add-admin.php with avatar parameter.

Check Version:

# Check application version in web interface or configuration files

Verify Fix Applied:

Verify that file uploads to /Admin/add-admin.php are blocked or properly validated. Test with malicious file upload attempts.

📡 Detection & Monitoring

Log Indicators:

HTTP POST requests to /Admin/add-admin.php with file uploads
Unusual file creation in web directories
Execution of unexpected processes from web user

Network Indicators:

Outbound connections from web server to unknown IPs
Unusual traffic patterns from the application server

SIEM Query:

source="web_server" AND uri="/Admin/add-admin.php" AND method="POST" AND file_upload=true

📊 Metadata

CVE ID: CVE-2024-3437

CVSS v3 Score: 7.3 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-434

Published: April 8, 2024

Last Updated: February 10, 2025

🔗 References

https://github.com/fubxx/CVE/blob/main/PrisonManagementSystemRCE2.md Exploit,Third Party Advisory
https://vuldb.com/?ctiid.259631 Permissions Required,VDB Entry
https://vuldb.com/?id.259631 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.311920 Third Party Advisory,VDB Entry
https://github.com/fubxx/CVE/blob/main/PrisonManagementSystemRCE2.md Exploit,Third Party Advisory
https://vuldb.com/?ctiid.259631 Permissions Required,VDB Entry
https://vuldb.com/?id.259631 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.311920 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-3437, you might also want to check these: