Torrentpier 2.4.1 - RCE
10
Critical
Discovered by
Offensive Team, Fluid Attacks
Summary
Full name
Torrentpier 2.4.1 - RCE
Code name
State
Public
Release date
19 feb 2024
Affected product
Torrentpier
Affected version(s)
Version 2.4.1
Vulnerability name
Insecure Deserialization
Vulnerability type
Remotely exploitable
Yes
CVSS v3.1 vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CVSS v3.1 base score
10.0
Exploit available
Yes
CVE ID(s)
Description
Torrentpier version 2.4.1 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to insecure deserialization.
Vulnerability
An insecure deserialization vulnerability has been identified in Torrentpier that allows an attacker to obtain RCE on the server. This was made possible by deserializing arbitrary data sent by the user.
Exploit
Our security policy
We have reserved the ID CVE-2024-1651 to refer to this issue from now on.
System Information
Version: Torrentpier 2.4.1
Operating System: MacOS
Mitigation
There is currently no patch available for this vulnerability.
References
Vendor page https://github.com/torrentpier/torrentpier
Timeline
IA generativa
5 feb 2024
Vendor Confirmed Vuln.
7 feb 2024
Vendor contacted
5 feb 2024
Vendor replied
7 feb 2024
Public disclosure
19 feb 2024
