CVE-2024-35079

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers to upload malicious .jsp files through the uploadAudio method in inxedu v2024.4, leading to arbitrary code execution on the server. Any organization running the vulnerable version of inxedu is affected, potentially enabling complete system compromise.

💻 Affected Systems

Products:
  • inxedu
Versions: v2024.4
Operating Systems: All platforms running inxedu
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with the uploadAudio functionality enabled and accessible.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full server takeover with administrative privileges, data exfiltration, ransomware deployment, and lateral movement within the network.

🟠

Likely Case

Webshell installation leading to persistent backdoor access, data theft, and further exploitation of the compromised system.

🟢

If Mitigated

Limited impact with proper file upload restrictions and web application firewalls blocking malicious uploads.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple file upload exploitation with publicly available proof-of-concept.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.inxedu.com/

Restart Required: No

Instructions:

Check the vendor website for security updates. If no patch is available, implement the workarounds below immediately.

🔧 Temporary Workarounds

Restrict File Upload Extensions

Platform: all

Configure the web server to block .jsp file uploads and allow only audio file extensions.

# Configure in web application or web server (e.g., Apache/Nginx) to reject .jsp uploads

Implement File Upload Validation

Platform: all

Add server-side validation that checks both the file's content (not the client-declared content type) and its extension.

# Add validation in uploadAudio method to verify file is actual audio format
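The following is an added illustration of that server-side check, written here for this page and not taken from inxedu's code base. It assumes a handler that receives the client-supplied filename and the raw upload bytes; the audio magic-byte table, the filename policy and the sample inputs are constructed for the example. The client-declared Content-Type header is deliberately ignored, because the caller controls it; the decision rests on an extension allowlist plus the file's own leading bytes.

```python
"""Allowlist-based validation for an audio upload handler.

Added example (hypothetical handler, not inxedu's own code). The check accepts a
file only when its extension is on an audio allowlist AND the file's leading
bytes match that format. Anything else, including .jsp, is rejected.
"""
import re

# Constructed table: allowed extension -> accepted leading byte sequences.
AUDIO_MAGIC = {
    "mp3": [b"ID3", b"\xff\xfb", b"\xff\xf3", b"\xff\xf2"],
    "wav": [b"RIFF"],  # also requires "WAVE" at offset 8, checked below
    "ogg": [b"OggS"],
    "flac": [b"fLaC"],
}

# Filename stem policy: no dots, so "cmd.jsp.mp3" style double extensions are
# refused even though the final extension would pass the allowlist.
SAFE_STEM = re.compile(r"^[A-Za-z0-9_-]{1,64}$")

MIN_BYTES = 12  # enough to read the WAV/RIFF header


def validate_audio_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, detail).

    On acceptance `detail` is the normalised extension the server should use
    when it builds its own storage name; on rejection it is the reason.
    """
    # Null bytes and path separators have no place in an upload filename.
    if "\x00" in filename or "/" in filename or "\\" in filename:
        return False, "invalid characters in filename"

    stem, dot, ext = filename.rpartition(".")
    if not dot or not stem:
        return False, "missing extension"
    ext = ext.lower()

    if ext not in AUDIO_MAGIC:
        return False, f"extension .{ext} not allowed"
    if not SAFE_STEM.match(stem):
        return False, "filename stem not permitted"

    if len(data) < MIN_BYTES:
        return False, "file too small to be valid audio"
    if not any(data.startswith(magic) for magic in AUDIO_MAGIC[ext]):
        return False, "content does not match declared audio format"
    if ext == "wav" and data[8:12] != b"WAVE":
        return False, "RIFF container is not WAVE audio"

    return True, ext


if __name__ == "__main__":
    # Constructed sample inputs.
    samples = [
        ("intro.mp3", b"ID3\x04\x00\x00" + b"\x00" * 20),
        ("clip.wav", b"RIFF\x24\x08\x00\x00WAVEfmt " + b"\x00" * 8),
        ("cmd.jsp", b"<% out.println(1); %>"),
        ("cmd.jsp.mp3", b"ID3" + b"\x00" * 20),
        ("notes.mp3", b"<% out.println(1); %>" + b"\x00" * 8),
    ]
    for name, content in samples:
        print(name, validate_audio_upload(name, content))
```

Storing the file under a server-generated name with the returned extension, rather than the client's filename, removes the remaining dependence on attacker-controlled input.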

🧯 If You Can't Patch

  • Disable uploadAudio functionality completely if not required
  • Implement Web Application Firewall (WAF) rules to block .jsp file uploads

🔍 How to Verify

Check if Vulnerable:

Confirm whether the deployment runs inxedu v2024.4 and whether the uploadAudio endpoint accepts a .jsp upload.

Check Version:

# Check inxedu version in application configuration or admin panel

Verify Fix Applied:

Attempt to upload a .jsp file after implementing the controls; the upload should be rejected.

📡 Detection & Monitoring

Log Indicators:

  • Unusual .jsp file uploads to uploadAudio endpoint
  • Multiple failed upload attempts with non-audio extensions

Network Indicators:

  • POST requests to uploadAudio with .jsp files
  • Subsequent suspicious outbound connections from server

SIEM Query:

source="web_logs" AND uri="/uploadAudio" AND file_extension=".jsp"
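The log and network indicators above can be turned into a small detection routine. The block below is an added example, not part of the original advisory or of any vendor tooling; it assumes structured web-server logs as JSON lines carrying the fields `src_ip`, `method`, `uri`, `status` and `upload_filename` (a constructed schema), and the sample log lines are constructed for the example. It raises a high-severity alert for any script-extension file posted to /uploadAudio, and a medium-severity alert when one source address accumulates repeated rejected uploads with non-audio extensions, mirroring the two indicators listed above.

```python
"""Detection over constructed web-upload log lines (added example).

Two rules, matching the indicators in the advisory:
  HIGH   - a .jsp/.jspx filename posted to /uploadAudio (any status)
  MEDIUM - FAILED_UPLOAD_THRESHOLD or more rejected non-audio uploads
           from the same source address
"""
import json
from collections import Counter

AUDIO_EXTS = {"mp3", "wav", "ogg", "flac"}
SCRIPT_EXTS = {"jsp", "jspx"}
UPLOAD_URI = "/uploadAudio"
FAILED_UPLOAD_THRESHOLD = 3

# Constructed sample log lines (JSON per line; schema is an assumption).
SAMPLE_LOGS = [
    '{"ts":"2024-05-01T10:00:01Z","src_ip":"203.0.113.7","method":"POST","uri":"/uploadAudio","status":200,"upload_filename":"intro.mp3"}',
    '{"ts":"2024-05-01T10:00:05Z","src_ip":"203.0.113.7","method":"GET","uri":"/uploadAudio","status":405,"upload_filename":""}',
    '{"ts":"2024-05-01T10:01:10Z","src_ip":"198.51.100.9","method":"POST","uri":"/uploadAudio","status":400,"upload_filename":"test.php"}',
    '{"ts":"2024-05-01T10:01:12Z","src_ip":"198.51.100.9","method":"POST","uri":"/uploadAudio","status":400,"upload_filename":"test.exe"}',
    '{"ts":"2024-05-01T10:01:15Z","src_ip":"198.51.100.9","method":"POST","uri":"/uploadAudio","status":400,"upload_filename":"test.txt"}',
    '{"ts":"2024-05-01T10:01:20Z","src_ip":"198.51.100.9","method":"POST","uri":"/uploadAudio","status":200,"upload_filename":"cmd.JSP"}',
    '{"ts":"2024-05-01T10:02:00Z","src_ip":"203.0.113.7","method":"POST","uri":"/uploadAudio","status":400,"upload_filename":"readme.txt"}',
    'not json at all',
]


def extension_of(name: str) -> str:
    """Lower-cased final extension, or '' when the name has none."""
    return name.rsplit(".", 1)[-1].lower() if "." in name else ""


def analyze(lines) -> list[tuple[str, str, str]]:
    """Return (severity, src_ip, message) alerts for the given log lines."""
    alerts = []
    rejected_non_audio = Counter()

    for line in lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # malformed line; skip rather than crash the pipeline
        if ev.get("method") != "POST" or ev.get("uri") != UPLOAD_URI:
            continue

        name = ev.get("upload_filename", "") or ""
        ext = extension_of(name)
        src = ev.get("src_ip", "unknown")

        if ext in SCRIPT_EXTS:
            alerts.append(("HIGH", src,
                           f"script file {name!r} posted to {UPLOAD_URI} "
                           f"(status {ev.get('status')})"))
        elif ext not in AUDIO_EXTS and int(ev.get("status", 0)) >= 400:
            rejected_non_audio[src] += 1

    for src, count in rejected_non_audio.items():
        if count >= FAILED_UPLOAD_THRESHOLD:
            alerts.append(("MEDIUM", src,
                           f"{count} rejected non-audio uploads to {UPLOAD_URI}"))
    return alerts


if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOGS):
        print(alert)
```

A successful (2xx) script upload is the case to escalate first, since it indicates the control failed; the repeated-rejection rule is lower confidence and mainly useful for spotting probing before a successful upload.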
