Torrentpier 2.4.1 - RCE
10
Critical
Discovered by

Offensive Team, Fluid Attacks
Summary
Full name
Torrentpier 2.4.1 - RCE
Code name
State
Public
Release date
Feb 19, 2024
Affected product
Torrentpier
Affected version(s)
Version 2.4.1
Vulnerability name
Insecure Deserialization
Vulnerability type
Remotely exploitable
Yes
CVSS v3.1 vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS v3.1 base score
10.0
Exploit available
Yes
CVE ID(s)
Description
Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization.
Vulnerability
An insecure deserialization vulnerability has been identified in Torrentpier that allows an attacker to obtain RCE on the server. This was made possible by deserializing arbitrary data sent by the user.
Exploit
Our security policy
We have reserved the ID CVE-2024-1651 to refer to this issue from now on.
System Information
Version: Torrentpier 2.4.1
Operating System: MacOS
Mitigation
There is currently no patch available for this vulnerability.
References
Vendor page https://github.com/torrentpier/torrentpier
Timeline
Vulnerability discovered
Feb 5, 2024
Vendor Confirmed Vuln.
Feb 7, 2024
Vendor contacted
Feb 5, 2024
Vendor replied
Feb 7, 2024
Public disclosure
Feb 19, 2024