CVE-2024-29387 is a remote code execution (RCE) vulnerability identified in Projeqtor, an open-source project management software, affecting versions up to 11.2.0. The vulnerability resides in the /view/print.php component, which improperly handles file uploads or input data, corresponding to CWE-434 (Unrestricted Upload of File with Dangerous Type). This weakness allows an attacker with low privileges (PR:L) and no user interaction (UI:N) to remotely execute arbitrary code on the server hosting Projeqtor. The CVSS v3.1 base score of 8.8 reflects the high impact on confidentiality, integrity, and availability (all rated high), with network attack vector (AV:N) and low attack complexity (AC:L). The vulnerability scope is unchanged (S:U), meaning the exploit affects only the vulnerable component without impacting other system components. Although no public exploits or active exploitation have been reported, the nature of the vulnerability and the criticality of the affected software make it a significant threat. The lack of available patches at the time of publication necessitates immediate attention from administrators to implement workarounds or mitigations. The vulnerability could allow attackers to gain unauthorized control over the affected system, potentially leading to data breaches, system manipulation, or service disruption.

The impact of CVE-2024-29387 is severe for organizations using Projeqtor, as successful exploitation enables remote code execution with high privileges, compromising system confidentiality, integrity, and availability. Attackers could deploy malware, exfiltrate sensitive project data, alter project management workflows, or disrupt services. This may result in operational downtime, loss of intellectual property, reputational damage, and regulatory compliance violations. Given Projeqtor's role in managing critical projects, especially in sectors like IT, construction, and government, the vulnerability poses a substantial risk to business continuity and data security. The ease of exploitation (no user interaction required) increases the likelihood of automated attacks or worm-like propagation if exploited at scale.

To mitigate CVE-2024-29387, organizations should immediately restrict access to the /view/print.php endpoint using network-level controls such as firewalls or web application firewalls (WAFs) to limit exposure. Implement strict input validation and sanitization on file uploads or parameters processed by this component to prevent malicious payloads. Monitor server logs and network traffic for unusual activity indicative of exploitation attempts. If possible, isolate the Projeqtor server within a segmented network zone to reduce lateral movement risks. Stay alert for official patches or updates from Projeqtor maintainers and apply them promptly once available. Additionally, conduct a thorough security review of file handling mechanisms within the application to identify and remediate similar weaknesses. Employ intrusion detection systems (IDS) tuned to detect exploitation patterns related to this vulnerability. Finally, educate administrators and users about the risks and signs of compromise related to this vulnerability.