CVE-2024-6110

7.3 HIGH

📋 TL;DR

This critical vulnerability in the Magbanua Beach Resort Online Reservation System allows remote attackers to upload arbitrary files via the 'image' parameter in controller.php. This unrestricted file upload can lead to remote code execution or system compromise. All users running versions up to 1.0 are affected.

💻 Affected Systems

Products:
  • itsourcecode Magbanua Beach Resort Online Reservation System
Versions: up to 1.0
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the controller.php file specifically. Any deployment with this software is vulnerable by default.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise via remote code execution, allowing attackers to execute arbitrary commands, steal data, or deploy ransomware.

🟠 Likely Case

Webshell deployment leading to persistent backdoor access, data exfiltration, or lateral movement within the network.

🟢 If Mitigated

File upload attempts blocked at the web application firewall level with no successful exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub. The vulnerability requires minimal technical skill to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

1. Check vendor website for updates
2. If patch available, download and apply
3. Test functionality after update
4. Monitor for any issues

🔧 Temporary Workarounds

File Upload Restriction

all

Implement strict file upload validation in controller.php

Modify controller.php to validate file extensions, MIME types, and file signatures
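
An added example of what that validation can look like in PHP; this is not the vendor's code. It assumes controller.php receives the 'image' field as a multipart POST and that $uploadDir is a directory the web server does not execute PHP from; the function name and constants are my own.

```php
<?php
// Added example, not the vendor's code. Assumes controller.php receives the
// 'image' field as a multipart POST and $uploadDir is not PHP-executable.
declare(strict_types=1);
const MAX_IMAGE_BYTES = 2 * 1024 * 1024;
// allowed extension => [content-derived MIME type, valid magic-byte prefixes]
const ALLOWED_IMAGES = [
    'jpg'  => ['image/jpeg', ["\xFF\xD8\xFF"]],
    'jpeg' => ['image/jpeg', ["\xFF\xD8\xFF"]],
    'png'  => ['image/png',  ["\x89PNG\r\n\x1a\n"]],
    'gif'  => ['image/gif',  ["GIF87a", "GIF89a"]],
];

// Validates one $_FILES entry and stores it under a random name; returns the
// stored path or throws RuntimeException with a message safe to show the user.
function storeImageUpload(array $file, string $uploadDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('No valid upload received');
    }
    if ($file['size'] > MAX_IMAGE_BYTES) {
        throw new RuntimeException('File too large');
    }
    // 1. Extension: client-supplied name, lower-cased, must be on the allowlist.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED_IMAGES[$ext])) {
        throw new RuntimeException('File type not allowed');
    }
    [$expectedMime, $magics] = ALLOWED_IMAGES[$ext];
    // 2. MIME type: sniffed from the bytes by libmagic, never trusted from $file['type'].
    if ((new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']) !== $expectedMime) {
        throw new RuntimeException('Content does not match extension');
    }
    // 3. File signature: the leading bytes must carry the format's magic number.
    $head = (string) file_get_contents($file['tmp_name'], false, null, 0, 8);
    $magicOk = false;
    foreach ($magics as $m) {
        $magicOk = $magicOk || strncmp($head, $m, strlen($m)) === 0;
    }
    if (!$magicOk || getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('Not a valid image');
    }
    // 4. Discard the client name entirely; random basename plus the vetted extension.
    $dest = rtrim($uploadDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    return $dest;
}
```

Call it from the upload handler as `storeImageUpload($_FILES['image'], $uploadDir)` inside a try/catch, and pair it with a web server rule that refuses to execute scripts from the upload directory so that a bypass of any single check still cannot yield code execution.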

Web Application Firewall Rules

all

Block malicious file upload attempts at the WAF level

Configure WAF to block requests with suspicious file extensions in upload parameters

🧯 If You Can't Patch

  • Isolate the system from the internet and restrict network access
  • Implement strict file upload validation and monitoring

🔍 How to Verify

Check if Vulnerable:

Check if controller.php exists and handles file uploads without proper validation

Check Version:

Check software version in admin panel or configuration files

Verify Fix Applied:

Test file upload functionality with malicious files to ensure they are rejected

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to controller.php
  • Files with suspicious extensions in upload directories
  • Multiple failed upload attempts

Network Indicators:

  • HTTP POST requests to controller.php with file uploads
  • Unusual outbound connections from web server

SIEM Query:

source="web_logs" AND uri="*controller.php*" AND method="POST" AND (file_extension="php" OR file_extension="jsp" OR file_extension="asp")
