CVE-2024-58284

7.2 HIGH

📋 TL;DR

PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability where administrative users can inject malicious PHP code through metadata settings. This allows attackers with admin credentials to create web shells and execute arbitrary system commands. Only PopojiCMS 2.0.1 installations with admin accounts are affected.

💻 Affected Systems

Products:
  • PopojiCMS
Versions: 2.0.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires administrative access to exploit. Default installations with admin credentials are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full server compromise allowing data theft, lateral movement, ransomware deployment, and complete system control.

🟠 Likely Case

Attackers create persistent web shells to execute commands, steal data, and maintain access for further exploitation.

🟢 If Mitigated

Limited impact if strong authentication controls prevent unauthorized admin access and proper input validation is implemented.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires admin credentials but is straightforward once authenticated. Public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.popojicms.org/

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if released or implementing workarounds.

🔧 Temporary Workarounds

Restrict Admin Access (all platforms)

Implement strong authentication controls and limit admin access to trusted IP addresses only.

Input Validation (all platforms)

Add input validation to metadata settings endpoint to prevent PHP code injection.

🧯 If You Can't Patch

  • Disable or restrict access to the metadata settings endpoint in web server configuration.
  • Implement web application firewall rules to block PHP code injection attempts.

🔍 How to Verify

Check if Vulnerable:

Check if running PopojiCMS version 2.0.1 and review admin access logs for suspicious metadata modifications.

Check Version:

Check PopojiCMS configuration files or admin panel for version information.

Verify Fix Applied:

Test metadata settings endpoint with PHP code injection attempts to ensure proper input validation.

📡 Detection & Monitoring

Log Indicators:

  • Unusual admin login attempts
  • Metadata settings modifications containing PHP code
  • GET requests with suspicious parameters

Network Indicators:

  • HTTP requests to metadata endpoint with PHP code in parameters
  • Unusual outbound connections from web server

SIEM Query:

source="web_logs" AND (uri="/admin/metadata" OR uri="/metadata") AND (body CONTAINS "<?php" OR body CONTAINS "eval(" OR body CONTAINS "system(")
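
The query above expressed as offline detection logic, as an added example that is not part of the original advisory or of PopojiCMS. The JSON-lines record layout (`src`, `method`, `uri`, `body`) is an assumption and the sample records are constructed; the URI paths and match strings are the ones in the query. It URL-decodes the body first, because a form-encoded request carries `%3C%3Fphp` rather than the literal `<?php` the query looks for.

```python
import json
import re
from urllib.parse import unquote_plus

# URIs and tokens come from the SIEM query on this page; adjust to your deployment.
WATCHED_URIS = ("/admin/metadata", "/metadata")
TOKENS = {
    "php_open_tag": re.compile(r"<\?php", re.I),
    "eval_call": re.compile(r"\beval\s*\(", re.I),
    "system_call": re.compile(r"\bsystem\s*\(", re.I),
}

def decode_body(body, max_rounds=3):
    """URL-decode repeatedly (bounded) so double-encoded bodies are normalised."""
    for _ in range(max_rounds):
        decoded = unquote_plus(body)
        if decoded == body:
            break
        body = decoded
    return body

def match_record(record):
    """Return the sorted names of matched tokens, or [] if nothing matches."""
    uri = str(record.get("uri", "")).split("?", 1)[0].rstrip("/")
    if uri not in WATCHED_URIS:
        return []
    body = decode_body(str(record.get("body", "")))
    return sorted(name for name, rx in TOKENS.items() if rx.search(body))

def scan(lines):
    """Yield (source, uri, hits) for every log line that matches."""
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the scan
        hits = match_record(rec) if isinstance(rec, dict) else []
        if hits:
            yield rec.get("src", "?"), rec["uri"], hits

# Constructed sample records in the assumed format (not real traffic).
SAMPLE = [
    '{"src":"198.51.100.7","method":"POST","uri":"/admin/metadata","body":"meta=%3C%3Fphp+echo+1%3B"}',
    '{"src":"198.51.100.7","method":"POST","uri":"/admin/metadata","body":"meta=%3Cmeta+name%3D%22robots%22%3E"}',
    '{"src":"203.0.113.9","method":"POST","uri":"/contact","body":"msg=how+do+I+use+system()"}',
]

if __name__ == "__main__":
    for src, uri, hits in scan(SAMPLE):
        print(src, uri, ",".join(hits))
```

Matching on decoded content trades some false positives (for example, admins pasting code snippets into metadata) for coverage of encoded payloads, so treat hits as leads to correlate with admin logins rather than as confirmed compromise.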
