Login Sign Up

CVE-2024-5354

4.3 MEDIUM

📋 TL;DR

This vulnerability in anji-plus AJ-Report allows remote attackers to access sensitive information by manipulating the shareToken parameter in the /reportShare/detailByCode endpoint. It affects all users running AJ-Report versions up to 1.4.1. The information disclosure could expose report data that should be protected.

💻 Affected Systems

Products:
  • anji-plus AJ-Report
Versions: up to 1.4.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the web application component; no specific OS requirements.

📦 What is this software?

Aj Report by Anji Plus

View all CVEs affecting Aj Report →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could access all shared reports and sensitive data contained within them, potentially exposing confidential business information or personal data.

🟠

Likely Case

Unauthorized access to specific reports that were intended to be shared with limited audiences, leading to data exposure.

🟢

If Mitigated

Limited exposure of non-critical report data if proper access controls and network segmentation are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available in GitHub issues and PDF documents. Simple parameter manipulation required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.4.2 or later

Vendor Advisory: https://github.com/anji-plus/report/issues/34

Restart Required: Yes

Instructions:

1. Upgrade AJ-Report to version 1.4.2 or later. 2. Restart the AJ-Report service. 3. Verify the fix by testing the vulnerable endpoint.

🔧 Temporary Workarounds

Block vulnerable endpoint

all

Use web application firewall or reverse proxy to block access to /reportShare/detailByCode

# Example nginx location block
location /reportShare/detailByCode { return 403; }

Implement rate limiting

linux

Add rate limiting to the vulnerable endpoint to reduce brute force attempts

# Example using fail2ban or similar tools

🧯 If You Can't Patch

  • Implement network segmentation to isolate AJ-Report from untrusted networks
  • Add authentication requirements for accessing shared reports

🔍 How to Verify

Check if Vulnerable:

Test if you can access /reportShare/detailByCode with manipulated shareToken parameters and receive unauthorized data.

Check Version:

Check the AJ-Report version in the application interface or configuration files.

Verify Fix Applied:

After patching, attempt the same exploit and verify you receive proper access denied responses.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed or unusual requests to /reportShare/detailByCode
  • Unusual parameter values in shareToken field

Network Indicators:

  • Unusual traffic patterns to the vulnerable endpoint
  • Multiple requests with varying shareToken parameters

SIEM Query:

source="web_server" AND uri="/reportShare/detailByCode" AND (param.shareToken="*" OR status=200)

📊 Metadata

CVE ID: CVE-2024-5354
CVSS v3 Score: 4.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE: CWE-200
Published: May 26, 2024
Last Updated: March 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-5354, you might also want to check these:

CVE-2025-61481 10.0

MikroTik RouterOS and SwOS expose their WebFig management interface over unencrypted HTTP by default...

Same vulnerability type (CWE-200)
CVE-2025-53624 10.0

The Docusaurus gists plugin versions before 4.0.0 expose GitHub Personal Access Tokens in client-sid...

Same vulnerability type (CWE-200)
CVE-2023-49103 10.0

This vulnerability in ownCloud's graphapi app exposes PHP configuration details (phpinfo) via a thir...

Same vulnerability type (CWE-200)