CVE-2024-58278

N/A Unknown

📋 TL;DR

Perl2exe versions up to V30.10C contain an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts by controlling the 0th argument of packed executables. This enables attackers to bypass restrictions and gain unauthorized access to systems. Organizations using perl2exe to package Perl scripts into executables are affected.

💻 Affected Systems

Products:
  • perl2exe
Versions: <= V30.10C
Operating Systems: Linux, Windows, All platforms where perl2exe is used
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems where perl2exe is installed and used to create packed executables. The vulnerability is in the perl2exe tool itself, not in the executables it creates.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining root/administrator privileges, installing persistent backdoors, stealing sensitive data, and pivoting to other systems.

🟠 Likely Case

Local privilege escalation allowing attackers to execute arbitrary code with elevated permissions, potentially leading to data theft or system manipulation.

🟢 If Mitigated

Limited impact if proper access controls, least privilege principles, and execution restrictions are in place to prevent unauthorized script execution.

🌐 Internet-Facing: LOW - This is a local authenticated vulnerability requiring attacker access to the system.
🏢 Internal Only: HIGH - Internal attackers with authenticated access can exploit this to escalate privileges and compromise systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit code is publicly available on Exploit-DB. Attack requires local authenticated access to the system.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.indigostar.com/

Restart Required: No

Instructions:

Check vendor website for updated version. If unavailable, consider alternative Perl packaging solutions or implement workarounds.

🔧 Temporary Workarounds

Restrict perl2exe usage (Linux)

Limit access to perl2exe tool to authorized users only and monitor its usage.

chmod 750 /usr/bin/perl2exe
chown root:trustedgroup /usr/bin/perl2exe

Implement execution restrictions (all platforms)

Use application whitelisting or execution policies to prevent unauthorized script execution.

🧯 If You Can't Patch

  • Remove perl2exe from production systems and use alternative Perl packaging tools
  • Implement strict access controls and monitor for suspicious perl2exe usage patterns

🔍 How to Verify

Check if Vulnerable:

Check perl2exe version: perl2exe --version or examine installed package version

Check Version:

perl2exe --version

Verify Fix Applied:

Verify that perl2exe is removed or updated to a version above V30.10C

📡 Detection & Monitoring

Log Indicators:

  • Unusual perl2exe execution patterns
  • Multiple perl2exe processes from same user
  • Execution of unexpected scripts via perl2exe

Network Indicators:

  • Outbound connections from perl2exe processes to unexpected destinations

SIEM Query:

process_name="perl2exe" AND (command_line="*malicious*" OR command_line="*suspicious*")
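
An added example (not part of the original advisory and not vendor code) for the log-based detection above: because the flaw is triggered by controlling the 0th argument of a packed executable, this scans Linux auditd exec records for watched binaries whose argv[0] does not resolve to the file that actually ran. The use of auditd, the watchlist path and the sample records are assumptions made for illustration.

```python
import os
import re

# Hypothetical watchlist: paths of the perl2exe-packed executables you deploy.
PACKED = {"/opt/tools/report"}
EVENT_ID = re.compile(r"msg=audit\(([^)]+)\)")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
# Record type -> field of interest. SYSCALL also carries a0..a3 (registers), so key by type.
WANTED = {"SYSCALL": "exe", "EXECVE": "a0", "CWD": "cwd"}

def decode(value):
    """auditd quotes plain strings and hex-encodes those with spaces or control bytes."""
    if value.startswith('"'):
        return value[1:-1]
    try:
        return bytes.fromhex(value).decode("utf-8", "replace")
    except ValueError:
        return value

def argv0_mismatches(lines, packed=PACKED):
    """Return (event_id, exe, argv0) where a watched binary ran under a foreign argv[0]."""
    events = {}
    for line in lines:
        m = EVENT_ID.search(line)
        fields = dict(FIELD.findall(line))
        key = WANTED.get(fields.get("type"))
        if m and key in fields:
            events.setdefault(m.group(1), {})[key] = decode(fields[key])
    hits = []
    for event_id, rec in events.items():
        exe, argv0 = rec.get("exe"), rec.get("a0")
        if exe not in packed or argv0 is None:
            continue
        if "/" in argv0:  # path form: must resolve to the file that actually ran
            ok = os.path.normpath(os.path.join(rec.get("cwd", "/"), argv0)) == exe
        else:  # bare name resolved through PATH: must equal the file name
            ok = argv0 == os.path.basename(exe)
        if not ok:
            hits.append((event_id, exe, argv0))
    return hits

# Constructed audit records (not real logs): event 102 is a normal run, 103 is not.
SAMPLE = [
    'type=SYSCALL msg=audit(1700000000.200:102): syscall=59 a0=55d0c0 exe="/opt/tools/report"',
    'type=EXECVE msg=audit(1700000000.200:102): argc=1 a0="./report"',
    'type=CWD msg=audit(1700000000.200:102): cwd="/opt/tools"',
    'type=SYSCALL msg=audit(1700000000.300:103): syscall=59 a0=55d0c0 exe="/opt/tools/report"',
    'type=EXECVE msg=audit(1700000000.300:103): argc=1 a0=2F746D702F7820792F6F74686572',
]
```

Calling `argv0_mismatches(SAMPLE)` reports only event 103. Because auditd records `exe` with symlinks resolved, a watched binary launched through a symlink will also be reported and needs an allow-list entry or manual review.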
