
CVE-2024-0352: CWE-434 Unrestricted Upload in Likeshop

High
Tags: Vulnerability, CVE-2024-0352, cve, cwe-434
Published: Tue Jan 09 2024 (01/09/2024, 23:00:06 UTC)
Source: CVE Database V5
Vendor/Project: n/a
Product: Likeshop

Description

A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250120.

AI-Powered Analysis

AI analysis last updated: 07/03/2025, 23:09:56 UTC

Technical Analysis

CVE-2024-0352 is a critical vulnerability identified in Likeshop version 2.5.7.20210311, specifically within the FileServer::userFormImage function located in the server/application/api/controller/File.php file. This vulnerability is classified under CWE-434, Unrestricted Upload of File with Dangerous Type. The flaw arises from insufficient validation of, or restrictions on, the file upload functionality, allowing an attacker to upload arbitrary files via HTTP POST requests without authentication or user interaction. Because the vulnerability can be exploited remotely and without any privileges, it presents a significant security risk. Successful exploitation could enable attackers to upload malicious files such as web shells, scripts, or executables, potentially leading to remote code execution, data tampering, or denial of service. The CVSS v3.1 base score is 7.3 (high severity), reflecting the network attack vector, low attack complexity, no privileges required, and no user interaction needed. Confidentiality, integrity, and availability are all affected, as attackers could gain unauthorized access or disrupt services. Although no public exploits are currently known in the wild, the vulnerability has been publicly disclosed, increasing the risk of exploitation by threat actors. No official patches or mitigations have been linked yet, emphasizing the need for immediate attention from organizations using this software version.

Potential Impact

For European organizations utilizing Likeshop 2.5.7.20210311, this vulnerability poses a substantial threat. Likeshop is an e-commerce platform, and exploitation could lead to unauthorized access to customer data, financial information, and business-critical operations. Confidentiality breaches could result in exposure of personal data protected under GDPR, leading to regulatory penalties and reputational damage. Integrity compromises might allow attackers to alter product listings, prices, or transaction records, causing financial loss and undermining customer trust. Availability impacts could disrupt online sales and services, affecting revenue streams. Given the remote and unauthenticated nature of the exploit, attackers can target these organizations at scale, increasing the likelihood of widespread impact. The absence of known exploits in the wild currently provides a window for proactive mitigation, but the public disclosure elevates the urgency for European entities to assess and remediate this vulnerability promptly.

Mitigation Recommendations

Immediate mitigation steps include:

1) Conducting an inventory to identify all instances of Likeshop 2.5.7.20210311 in use within the organization.
2) Implementing strict file upload validation controls at the application and web server levels, such as restricting allowed file types, enforcing file size limits, and scanning uploads for malware.
3) Applying web application firewalls (WAFs) with rules to detect and block suspicious file upload attempts targeting the vulnerable endpoint.
4) Monitoring logs for unusual POST requests to the FileServer::userFormImage function or related upload endpoints.
5) Isolating or restricting network access to the affected application where feasible to limit exposure.
6) Engaging with the software vendor or community to obtain or develop patches or updates addressing the vulnerability.
7) As a temporary measure, disabling or restricting the vulnerable upload functionality if business operations permit.
8) Educating development and security teams about secure file upload practices to prevent similar issues in future deployments.

These targeted actions go beyond generic advice by focusing on the specific vulnerable component and its exploitation vector.
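The following is an added illustration of what the application-level controls in step 2 look like in practice. It is not Likeshop's code and not a patch for FileServer::userFormImage; it is an example PHP upload handler written for this advisory. The function name storeUserImage, the size limit, the upload directory and the allow-list are assumptions chosen for the example, and the form field name "file" is taken from the argument named in the description.

```php
<?php
// Added example (not Likeshop's code): a hardened image upload handler that
// applies the controls listed in the mitigation steps. Function, constant and
// directory names below are hypothetical assumptions for this example.

declare(strict_types=1);

const MAX_UPLOAD_BYTES = 2 * 1024 * 1024;     // 2 MiB size limit (assumed policy)
const UPLOAD_DIR = '/var/app-data/uploads';   // assumed: outside the web root, no script execution

// Allow-list of image types: extension => MIME type expected from content sniffing.
// Anything not in this table (including .php, .phtml, .htaccess) is rejected.
const ALLOWED_IMAGE_TYPES = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
];

/**
 * Validate one entry from $_FILES and move it to a non-executable location.
 * Returns the server-chosen stored file name on success; throws on any failure.
 */
function storeUserImage(array $file): string
{
    if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or missing');
    }
    if ($file['size'] > MAX_UPLOAD_BYTES) {
        throw new RuntimeException('File exceeds size limit');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }

    // Never trust the client-supplied name: use its extension only to check the
    // allow-list, then discard the name entirely (no traversal, no double extensions).
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED_IMAGE_TYPES)) {
        throw new RuntimeException('Extension not allowed');
    }

    // Sniff the real content type; $file['type'] is attacker-controlled and is ignored.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime = $finfo->file($file['tmp_name']);
    if ($mime !== ALLOWED_IMAGE_TYPES[$ext]) {
        throw new RuntimeException('Content type does not match extension');
    }

    // Require a parseable image header as a second, independent check.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('Not a valid image');
    }

    // Random server-chosen name with the allow-listed extension, stored outside
    // any web-served path so the file can never be executed as a script.
    $storedName = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = UPLOAD_DIR . '/' . $storedName;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0640);
    return $storedName;
}

// Usage (assumed form field name "file", matching the argument named in the advisory):
// $name = storeUserImage($_FILES['file']);
```

The two content checks (finfo MIME sniffing and getimagesize) are deliberately independent, and the file lands under a server-generated name in a directory the web server does not execute from, so even a file that slips past one check cannot be reached as a script through the web root.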


Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2024-01-09T14:19:33.243Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 683f0a31182aa0cae27f6f16

Added to database: 6/3/2025, 2:44:01 PM

Last enriched: 7/3/2025, 11:09:56 PM

Last updated: 8/14/2025, 7:28:39 PM

