CVE-2024-55555 – Invoice Ninja Laravel RCE

1月 7, 2025
6:17 pm

CVE ID : CVE-2024-55555

Published : Jan. 7, 2025, 5:15 p.m. | 1 hour, 1 minute ago

Description : Invoice Ninja before 5.10.43 allows remote code execution from a pre-authenticated route when an attacker knows the APP_KEY. This is exacerbated by .env files, available from the product’s repository, that have default APP_KEY values. The route/{hash} route defined in the invoiceninja/routes/client.php file can be accessed without authentication. The parameter {hash} is passed to the function decrypt that expects a Laravel ciphered value containing a serialized object. (Furthermore, Laravel contains several gadget chains usable to trigger remote command execution from arbitrary deserialization.) Therefore, an attacker in possession of the APP_KEY is able to fully control a string passed to an unserialize function.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-55555 – Invoice Ninja Laravel RCE

Elvescore.io

Recent Posts

CVE-2024-12429 – AC500 V3 File Access Unauthorized Disclosure

CVE-2024-12430 – ABB AC500 Command Injection Vulnerability

CVE-2024-40747 – Chromium Modules Cross-Site Scripting (XSS) Vuln

CVE-2024-40748 – “Apache Struts HTML Injection”

CVE-2024-40749 – Apache Stratus Remote Access Violation