CVE-2025-24024 – Matrix Mjolnir Unrestricted Command Execution Vulnerability

January 21, 2025
9:18 pm

CVE ID : CVE-2025-24024

Published : Jan. 21, 2025, 8:15 p.m. | 1 hour, 2 minutes ago

Description : Mjolnir is a moderation tool for Matrix. Mjolnir v1.9.0 responds to management commands from any room the bot is member of. This can allow users who aren’t operators of the bot to use the bot’s functions, including server administration components if enabled. Version 1.9.1 reverts the feature that introduced the bug, and version 1.9.2 reintroduces the feature safely. Downgrading to version 1.8.3 is recommended if upgrading to 1.9.1 or higher isn’t possible.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-24024 – Matrix Mjolnir Unrestricted Command Execution Vulnerability

Elvescore.io

Recent Posts

CVE-2022-49043 – Libxml2 XML XInclude Use-After-Free Vulnerability

CVE-2024-10574 – “Quiz Maker Business, Developer, and Agency WordPress Unauthorized Modification and Cross-Site Scripting Vulnerability”

CVE-2024-10628 – Woocommerce Quiz Maker SQL Injection Vulnerability

CVE-2024-10633 – Quiz Maker Business, Developer, and Agency WordPress Plugin Shortcode Injection Vulnerability

CVE-2024-10636 – Quiz Maker Business/Developer/Agency WordPress Reflected Cross-Site Scripting

CVE-2025-24858 – Develocity Gradle Enterprise Password Hash Exposure

CVE-2025-24024 – Matrix Mjolnir Unrestricted Command Execution Vulnerability

CVE-2025-24024 – Matrix Mjolnir Unrestricted Command Execution Vulnerability