What is CVE-2024-33752?

CVE-2024-33752 is a vulnerability in N/a. Published 2024-05-06.

Is CVE-2024-33752 known to be exploited?

24 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2024-33752

An arbitrary file upload vulnerability exists in emlog pro 2.3.0 and pro 2.3.2 at admin/views/plugin.php that could be exploited by a remote attacker to submit a special request to upload a malicious file to execute arbitrary code.

EPSS: 0.858 (99.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

0day404/HV-2024-POC
12442RF/POC
AboSteam/POPC
DMW11525708/wiki
Lern0n/Lernon-POC
Linxloop/fork_
Myanemo/Myanemo
Warren-Jace/poc-doc
WhosGa/MyWiki
Yuan08o/pocs

References

github.com/Myanemo/emlogpro/blob/main/emlog pro2.3.2 File upload to getshell.md

Frequently asked questions

What is CVE-2024-33752?: CVE-2024-33752 is a vulnerability in N/a. Published 2024-05-06.
Is CVE-2024-33752 known to be exploited?: 24 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.