CVE-2024-46647
📋 TL;DR
CVE-2024-46647 is a directory traversal vulnerability in eNMS versions 4.4.0 through 4.7.1 that allows attackers to upload files to arbitrary locations on the server via the upload_files functionality. This affects all eNMS deployments running vulnerable versions, potentially enabling unauthorized file system access.
💻 Affected Systems
- eNMS
📦 What is this software?
Enms by Enms
⚠️ Risk & Real-World Impact
Worst Case
Attackers could upload malicious files to critical system directories, potentially leading to remote code execution, system compromise, or data exfiltration.
Likely Case
Attackers upload web shells or malicious scripts to gain persistent access, modify configuration files, or exfiltrate sensitive data.
If Mitigated
With proper file upload validation and directory restrictions, impact is limited to unauthorized file uploads in controlled directories.
🎯 Exploit Status
Exploitation requires access to the upload_files endpoint, which may require authentication depending on configuration.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 4.7.2 or later
Vendor Advisory: https://github.com/skit-cyber-security/eNMS_vulnerabilities
Restart Required: Yes
Instructions:
1. Back up the current eNMS installation and configuration.
2. Download and install eNMS version 4.7.2 or later from official sources.
3. Restart the eNMS service.
4. Verify the fix by testing upload functionality.
🔧 Temporary Workarounds
Disable file upload functionality
(all platforms) Temporarily disable the upload_files endpoint until patching is complete
# Modify eNMS configuration to disable upload_files endpoint
# Check eNMS documentation for specific configuration options
Implement file upload restrictions
(all platforms) Configure the web server or application to restrict file uploads to specific directories and validate file paths
# Configure web server (e.g., nginx, apache) to restrict upload directories
# Implement application-level path validation
🧯 If You Can't Patch
- Implement strict file upload validation and path sanitization at the application level
- Deploy web application firewall (WAF) rules to detect and block directory traversal attempts
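One way to implement the application-level path validation named above, as an added Python example that is not eNMS's own code. The function names, parameter names and sample requests are assumptions made for illustration.

```python
from pathlib import Path


class UnsafeUploadPath(ValueError):
    """A client-supplied upload destination would leave the upload root."""


def resolve_upload_path(upload_root, client_folder, client_filename):
    """Return the absolute destination inside upload_root or raise UnsafeUploadPath.

    client_folder and client_filename are untrusted request values
    (hypothetical names, not the eNMS upload_files parameters).
    """
    root = Path(upload_root).resolve()
    if "\x00" in client_folder or "\x00" in client_filename:
        raise UnsafeUploadPath("NUL byte in path")
    # Treat "\" like "/" so "..\" sequences are also caught on POSIX hosts.
    folder = client_folder.replace("\\", "/")
    filename = client_filename.replace("\\", "/")
    # The file name must be exactly one path component.
    if "/" in filename or filename in ("", ".", ".."):
        raise UnsafeUploadPath(f"bad file name: {client_filename!r}")
    # Resolve ".." and symlinks first, then compare with the root. An absolute
    # folder replaces the root in the join and fails the same containment check.
    candidate = (root / folder / filename).resolve()
    if root not in candidate.parents:
        raise UnsafeUploadPath(f"escapes upload root: {client_folder!r}")
    return candidate


def classify(upload_root, requests):
    """Map each (folder, filename) pair to 'allow' or 'reject'."""
    verdicts = {}
    for folder, name in requests:
        try:
            resolve_upload_path(upload_root, folder, name)
            verdicts[(folder, name)] = "allow"
        except UnsafeUploadPath:
            verdicts[(folder, name)] = "reject"
    return verdicts


if __name__ == "__main__":
    import tempfile
    # Constructed sample requests, not taken from any real log.
    samples = [("reports/2024", "inventory.csv"), ("../../etc", "cron.d"),
               ("..\\..\\etc", "x"), ("/etc", "passwd"), ("ok", "../x")]
    for request, verdict in classify(tempfile.mkdtemp(), samples).items():
        print(verdict, request)
```

The containment check runs on the resolved path, so a symlink inside the upload root that points elsewhere is rejected along with `..` sequences.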
🔍 How to Verify
Check if Vulnerable:
Check eNMS version via web interface or configuration files. If version is between 4.4.0 and 4.7.1 inclusive, the system is vulnerable.
Check Version:
Check eNMS web interface or configuration files for version information
Verify Fix Applied:
After patching, verify version is 4.7.2 or later. Test file upload functionality with directory traversal attempts to confirm they are blocked.
📡 Detection & Monitoring
Log Indicators:
- Unusual file upload patterns
- Requests containing directory traversal sequences (../, ..\) in upload parameters
- File uploads to non-standard directories
Network Indicators:
- HTTP POST requests to upload_files endpoint with suspicious path parameters
- Unusual file upload traffic patterns
SIEM Query:
source="eNMS" AND (uri_path="*upload_files*" AND (param="*../*" OR param="*..\*"))