Skip to main content

CVE-2024-22107: n/a in n/a

High
VulnerabilityCVE-2024-22107cvecve-2024-22107
Published: Fri Feb 02 2024 (02/02/2024, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method systemSettingsDnsDataAction at /opt/webapp/src/AppBundle/Controller/React/SystemSettingsController.php is vulnerable to command injection via the /old/react/v1/api/system/dns/data endpoint. An authenticated attacker can abuse it to inject an arbitrary command and compromise the platform.

AI-Powered Analysis

AILast updated: 07/06/2025, 08:10:16 UTC

Technical Analysis

CVE-2024-22107 is a high-severity vulnerability affecting GTB Central Console version 15.17.1-30814.NG. The vulnerability resides in the method systemSettingsDnsDataAction located in the SystemSettingsController.php file of the web application component. Specifically, the endpoint /old/react/v1/api/system/dns/data is vulnerable to command injection attacks. An authenticated attacker can exploit this vulnerability by injecting arbitrary commands through this endpoint, which the system then executes. This type of vulnerability is classified under CWE-77 (Improper Neutralization of Special Elements used in a Command), indicating that user-supplied input is not properly sanitized before being passed to system-level commands. The CVSS 3.1 base score is 7.2, reflecting a high severity level with network attack vector, low attack complexity, but requiring high privileges (authenticated user) and no user interaction. The impact includes full compromise of confidentiality, integrity, and availability of the affected platform, as arbitrary commands can lead to data theft, system manipulation, or denial of service. No known exploits are currently reported in the wild, and no vendor patches or mitigations have been linked yet. The vulnerability was published on February 2, 2024, and has been enriched by CISA, indicating recognition by US cybersecurity authorities. The lack of detailed vendor or product information limits the scope of direct vendor-specific guidance but the technical nature suggests that the vulnerability affects a web-based management console used for system settings, likely in enterprise environments.

Potential Impact

For European organizations using GTB Central Console or similar platforms, this vulnerability poses a significant risk. Since exploitation requires authentication, insider threats or compromised credentials could lead to full system compromise. Attackers could execute arbitrary commands, potentially leading to data breaches, disruption of critical services, or lateral movement within networks. This is particularly concerning for sectors with stringent data protection requirements such as finance, healthcare, and critical infrastructure. The ability to execute commands remotely over the network increases the attack surface, and the high impact on confidentiality, integrity, and availability could result in regulatory penalties under GDPR if personal data is exposed or systems are disrupted. Additionally, the lack of patches means organizations must rely on compensating controls until a fix is available, increasing operational risk.

Mitigation Recommendations

1. Immediately restrict access to the affected endpoint (/old/react/v1/api/system/dns/data) to trusted administrators only, using network segmentation and firewall rules. 2. Enforce strong authentication mechanisms, including multi-factor authentication (MFA), to reduce the risk of credential compromise. 3. Monitor logs for unusual or unauthorized command execution attempts, focusing on the vulnerable endpoint. 4. Implement strict input validation and sanitization at the application layer to prevent command injection, if source code access and modification are possible. 5. Apply principle of least privilege to all user accounts to limit the potential damage from a compromised account. 6. If possible, disable or remove legacy or unused API endpoints to reduce attack surface. 7. Engage with the vendor or community to obtain patches or updates as soon as they become available. 8. Conduct regular security assessments and penetration testing focusing on web application endpoints to detect similar vulnerabilities early.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2024-01-05T00:00:00.000Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682cd0fa1484d88663aec2df

Added to database: 5/20/2025, 6:59:06 PM

Last enriched: 7/6/2025, 8:10:16 AM

Last updated: 8/15/2025, 6:34:12 AM

Views: 9

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats