CVE-2024-9904

4.7 MEDIUM

📋 TL;DR

This critical vulnerability in 07FLYCMS/07FlyCRM allows attackers to upload arbitrary files without restrictions via the pictureUpload function. Remote attackers can exploit this to upload malicious files like webshells or malware. All users running affected versions of 07FLYCMS, 07FLY-CMS, or 07FlyCRM are vulnerable.

💻 Affected Systems

Products:
  • 07FLYCMS
  • 07FLY-CMS
  • 07FlyCRM
Versions: Up to version 1.2.0
Operating Systems: All platforms running affected software
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default installation, no special configuration required

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise via webshell upload, leading to data theft, ransomware deployment, or use of the host as an attack platform

🟠 Likely Case: Webshell installation allowing persistent backdoor access and further exploitation

🟢 If Mitigated: File uploads blocked or properly validated, limiting the attack surface

🌐 Internet-Facing: HIGH - Remote exploitation possible without authentication
🏢 Internal Only: MEDIUM - Still exploitable from internal networks but requires network access

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub; exploitation amounts to simple file upload manipulation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is available. Upgrade if the vendor releases a fix; otherwise implement the workarounds below.

🔧 Temporary Workarounds

Web Application Firewall Rule
  Platform: all
  Block requests to the /admin/File/pictureUpload endpoint
  Note: WAF-specific configuration required

File Upload Restriction
  Platform: all
  Implement server-side file type validation and size limits
  Note: application-specific code modifications required

🧯 If You Can't Patch

  • Disable or restrict access to /admin/File/pictureUpload endpoint
  • Implement strict file upload validation including file type checking, size limits, and content inspection
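The following is an added example of the server-side validation the list above calls for; it is not 07FLYCMS/07FlyCRM code and does not model that project's pictureUpload handler. It assumes a picture-upload feature that should accept only images, and it demonstrates the three checks a practitioner would want: a size limit, an extension allowlist, and a magic-byte check so that the file's content must agree with the claimed type. The stored filename is chosen by the server, so the client-supplied name (including any path components or double extensions) never reaches disk. The allowlist, size limit, and sample byte strings are constructed for this example.

```python
"""Server-side image upload validation (added example, not project code)."""
import os
import secrets

# Constructed allowlist: accepted extension -> magic bytes the content must start with.
IMAGE_MAGIC = {
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}
MAX_BYTES = 2 * 1024 * 1024  # constructed limit; tune per deployment

# Defense in depth against image/script polyglots (a valid GIF header followed
# by script text). Re-encoding the image server-side is the robust control;
# this marker scan only raises the bar.
SCRIPT_MARKERS = (b"<?", b"<script", b"<%")


def check_upload(client_name: str, data: bytes):
    """Return (accepted, detail).

    On success, detail is the server-chosen stored filename; on rejection it
    is the reason. Nothing from client_name other than its allowlisted
    extension influences the stored name.
    """
    if not data:
        return False, "empty upload"
    if len(data) > MAX_BYTES:
        return False, "exceeds size limit"

    # Strip any directory component the client sent (both separator styles).
    base = os.path.basename(client_name.replace("\\", "/")).lower()
    ext = base.rsplit(".", 1)[-1] if "." in base else ""
    if ext not in IMAGE_MAGIC:
        return False, f"extension {ext!r} not in allowlist"

    # The claimed type must match the bytes; shell.php.jpg holding PHP fails here.
    if not data.startswith(IMAGE_MAGIC[ext]):
        return False, "content does not match claimed image type"
    if any(marker in data for marker in SCRIPT_MARKERS):
        return False, "script marker found inside image data"

    # Random server-chosen name with an allowlisted extension only.
    return True, f"{secrets.token_hex(16)}.{ext}"


def store_upload(client_name: str, data: bytes, upload_dir: str) -> str:
    """Validate and write the file. upload_dir must be outside the web root
    (or served with script execution disabled) so a stored file is data,
    never code."""
    accepted, detail = check_upload(client_name, data)
    if not accepted:
        raise ValueError(detail)
    path = os.path.join(upload_dir, detail)
    with open(path, "xb") as fh:  # "x": never overwrite an existing file
        fh.write(data)
    return path


# Constructed sample inputs for demonstration.
JPEG_OK = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 32
PHP_FILE = b"<?php echo 'hello'; ?>\n"
GIF_POLYGLOT = b"GIF89a\x01\x00\x01\x00" + b"<?php echo 'hello'; ?>"

if __name__ == "__main__":
    for name, blob in [("photo.jpg", JPEG_OK), ("shell.php", PHP_FILE),
                       ("shell.php.jpg", PHP_FILE), ("../../photo.jpg", JPEG_OK),
                       ("banner.gif", GIF_POLYGLOT)]:
        print(name, "->", check_upload(name, blob))
```

The magic-byte check is what defeats the double-extension trick, and the server-chosen name is what makes the client's filename irrelevant; the directory choice in store_upload is the control that matters most, because a file the web server will not execute is not a webshell no matter what it contains.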

🔍 How to Verify

Check if Vulnerable:

Check whether the installed 07FLYCMS/07FlyCRM version is 1.2.0 or earlier, and test whether the upload function at /admin/File/pictureUpload accepts unrestricted file types.

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Test if arbitrary file uploads are still possible after implementing controls

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to /admin/File/pictureUpload
  • Uploads of non-image file types
  • Multiple failed upload attempts

Network Indicators:

  • POST requests to /admin/File/pictureUpload with suspicious file extensions
  • Unusual outbound connections after file uploads

SIEM Query:

source_ip=* AND uri_path="/admin/File/pictureUpload" AND (file_extension="php" OR file_extension="jsp" OR file_extension="asp")
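As an added example (not part of the original advisory), the script below applies the same logic as the SIEM query above to constructed log lines, and also implements the "multiple failed upload attempts" and "non-image file types" indicators listed earlier. It assumes a WAF or application log that records the uploaded file name per request (JSON per line here); a plain web-server access log does not contain the file name, so this query cannot be run against one. The field names, the failure threshold, the extension lists beyond php/jsp/asp, and every log line are constructed for this example.

```python
"""Upload-endpoint detection over constructed JSON log lines (added example)."""
import json
from collections import Counter

UPLOAD_PATH = "/admin/File/pictureUpload"
# php/jsp/asp come from the advisory's SIEM query; the rest are common
# variants a PHP host may execute (assumption for this example).
SCRIPT_EXTS = {"php", "jsp", "asp", "phtml", "php5", "phar", "aspx"}
IMAGE_EXTS = {"jpg", "jpeg", "png", "gif", "webp"}
FAILED_THRESHOLD = 3  # constructed threshold for the repeated-failure indicator

# Constructed sample log (not real 07FLYCMS output). IPs are documentation ranges.
SAMPLE_LOG = """\
{"ts":"2024-10-14T10:00:01Z","source_ip":"203.0.113.5","method":"POST","uri_path":"/admin/File/pictureUpload","file_name":"avatar.jpg","status":200}
{"ts":"2024-10-14T10:00:07Z","source_ip":"198.51.100.9","method":"POST","uri_path":"/admin/File/pictureUpload","file_name":"cmd.php","status":200}
{"ts":"2024-10-14T10:00:09Z","source_ip":"198.51.100.9","method":"POST","uri_path":"/admin/File/pictureUpload","file_name":"cmd.phtml","status":403}
{"ts":"2024-10-14T10:00:11Z","source_ip":"198.51.100.9","method":"POST","uri_path":"/admin/File/pictureUpload","file_name":"x.jsp","status":403}
{"ts":"2024-10-14T10:00:13Z","source_ip":"198.51.100.9","method":"POST","uri_path":"/admin/File/pictureUpload","file_name":"x.asp","status":403}
{"ts":"2024-10-14T10:00:20Z","source_ip":"192.0.2.44","method":"GET","uri_path":"/admin/index","file_name":null,"status":200}
{"ts":"2024-10-14T10:00:25Z","source_ip":"192.0.2.44","method":"POST","uri_path":"/admin/File/pictureUpload","file_name":"report.pdf","status":200}
"""


def file_extension(name):
    """Lower-cased final extension, or '' when there is none."""
    if not name or "." not in name:
        return ""
    return name.rsplit(".", 1)[-1].lower()


def analyze(log_text):
    """Return a list of (indicator, source_ip, detail) tuples.

    Indicators: script_upload (extension in SCRIPT_EXTS), non_image_upload
    (anything else outside IMAGE_EXTS), and repeated_failed_uploads (a source
    with FAILED_THRESHOLD or more 4xx/5xx responses from the endpoint).
    """
    alerts = []
    failures = Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        # Equivalent of: uri_path="/admin/File/pictureUpload", restricted to uploads
        if event.get("uri_path") != UPLOAD_PATH or event.get("method") != "POST":
            continue
        ip = event["source_ip"]
        ext = file_extension(event.get("file_name"))
        if ext in SCRIPT_EXTS:
            alerts.append(("script_upload", ip, event["file_name"]))
        elif ext not in IMAGE_EXTS:
            alerts.append(("non_image_upload", ip, event["file_name"]))
        if int(event.get("status", 200)) >= 400:
            failures[ip] += 1
    for ip, count in failures.items():
        if count >= FAILED_THRESHOLD:
            alerts.append(("repeated_failed_uploads", ip, str(count)))
    return alerts


if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOG):
        print(alert)
```

A 200 response to a script-extension upload is the alert to treat as a probable compromise; the 403 series shows why the repeated-failure indicator is worth keeping even once a WAF rule is in place, since it surfaces the source that is probing the endpoint.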
