CVE-2024-8294

6.3 MEDIUM

📋 TL;DR

This vulnerability in FeehiCMS allows remote attackers to upload arbitrary files without restriction via the FriendlyLink[image] parameter. Attackers can potentially execute malicious code on affected systems. All FeehiCMS installations up to version 2.1.1 are vulnerable.

💻 Affected Systems

Products:
  • FeehiCMS
Versions: up to 2.1.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the admin interface at /admin/index.php?r=friendly-link%2Fupdate

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data theft, and persistent backdoor installation.

🟠 Likely Case

Webshell upload enabling unauthorized access, data manipulation, and further lateral movement within the network.

🟢 If Mitigated

File upload attempts blocked at WAF or detected by file integrity monitoring before execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires admin access to the vulnerable endpoint. Public disclosure increases weaponization likelihood.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is available. The vendor did not respond to the disclosure. Consider upgrading if a newer version exists, or implement the workarounds below.

🔧 Temporary Workarounds

File Upload Restriction

Platform: all

Implement strict file upload validation for the FriendlyLink[image] parameter

Modify /admin/index.php to validate file extensions, MIME types, and file signatures

Web Application Firewall Rules

Platform: all

Block malicious file upload attempts at the WAF layer

Add WAF rules to detect and block suspicious uploads to /admin/index.php?r=friendly-link%2Fupdate

🧯 If You Can't Patch

  • Restrict access to the /admin/ directory to trusted IP addresses only
  • Implement file integrity monitoring on upload directories and alert on unexpected file changes

🔍 How to Verify

Check if Vulnerable:

Check if FeehiCMS version is ≤2.1.1 and test file upload at /admin/index.php?r=friendly-link%2Fupdate with restricted file types

Check Version:

Check CMS version in configuration files or admin dashboard

Verify Fix Applied:

Attempt to upload restricted file types (e.g., .php, .jsp) and verify they are rejected

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to /admin/index.php?r=friendly-link%2Fupdate
  • Execution of uploaded files in upload directories

Network Indicators:

  • POST requests to vulnerable endpoint with file uploads
  • Subsequent connections from uploaded files

SIEM Query:

source="web_logs" AND uri="/admin/index.php?r=friendly-link%2Fupdate" AND method="POST" AND file_upload="true"
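
The log indicators above can also be checked offline against a web server access log. The following is an added example, not code from FeehiCMS or from this advisory's source: it flags POSTs to the friendly-link update route whether the r= value is URL-encoded or not, then flags later successful requests for script files under an upload directory. The /uploads/ prefix, the extension list and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined log format: client, method, request target and status are needed.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
SCRIPT_EXT = (".php", ".phtml", ".phar", ".jsp")
UPLOAD_PREFIX = "/uploads/"  # assumption: set to the site's real upload directory

def is_friendly_link_update(target):
    """True for the advisory's endpoint, with the r= value encoded or not."""
    parts = urlsplit(target)
    route = parse_qs(parts.query).get("r", [""])[0]  # parse_qs decodes %2F
    return parts.path.endswith("/admin/index.php") and route == "friendly-link/update"

def scan(lines):
    """Return (uploads, script_hits), each a list of (line_no, client, target)."""
    uploads, script_hits = [], []
    seen_upload = False
    for no, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line we can parse
        client, method, target, status = m.groups()
        path = urlsplit(target).path.lower()
        if method == "POST" and is_friendly_link_update(target):
            uploads.append((no, client, target))
            seen_upload = True
        elif (seen_upload and status == "200"
              and path.startswith(UPLOAD_PREFIX) and path.endswith(SCRIPT_EXT)):
            # A script served from the upload directory after an upload POST.
            script_hits.append((no, client, target))
    return uploads, script_hits

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '198.51.100.7 - - [10/Sep/2024:10:01:02 +0000] "GET /admin/index.php?r=friendly-link%2Findex HTTP/1.1" 200 5120',
    '198.51.100.7 - - [10/Sep/2024:10:01:30 +0000] "POST /admin/index.php?r=friendly-link%2Fupdate&id=3 HTTP/1.1" 302 0',
    '203.0.113.9 - - [10/Sep/2024:10:02:00 +0000] "GET /uploads/friendly-link/logo.png HTTP/1.1" 200 2048',
    '203.0.113.9 - - [10/Sep/2024:10:02:05 +0000] "GET /uploads/friendly-link/a1.php HTTP/1.1" 200 17',
    '198.51.100.7 - - [10/Sep/2024:10:03:00 +0000] "POST /admin/index.php?r=friendly-link/update&id=4 HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    found_uploads, found_hits = scan(SAMPLE)
    for kind, rows in (("upload POST", found_uploads), ("script served", found_hits)):
        for no, client, target in rows:
            print(f"{kind}: line {no} {client} {target}")
```

Legitimate admin edits of friendly links also produce the POST entries, so the second list (scripts served from the upload directory) is the stronger signal.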
