CVE-2024-31823 is a remote code execution (RCE) vulnerability identified in the Ecommerce-CodeIgniter-Bootstrap project, specifically in the removeSecondaryImage method within the Publish.php component. The vulnerability arises due to improper handling of user input that leads to code injection, classified under CWE-94 (Improper Control of Generation of Code). An attacker with low privileges (PR:L) can exploit this flaw remotely (AV:N) without requiring user interaction (UI:N), making it highly exploitable. The vulnerability affects the confidentiality, integrity, and availability of the affected systems, as arbitrary code execution can lead to full system compromise. The CVSS 3.1 base score is 8.8, reflecting these severe impacts. Although the affected versions are not explicitly listed, the commit hash provided (d22b54e8915f167a135046ceb857caaf8479c4da) indicates the vulnerable code state. No patches have been published yet, and no known exploits are reported in the wild, but the risk remains high due to the nature of the flaw and the widespread use of CodeIgniter in ecommerce applications. The vulnerability allows attackers to manipulate the removeSecondaryImage method to execute malicious payloads, potentially leading to data breaches, service disruption, or further network infiltration.

The impact of CVE-2024-31823 is significant for organizations using the Ecommerce-CodeIgniter-Bootstrap framework. Successful exploitation can lead to full remote code execution, allowing attackers to take complete control over the affected web server. This can result in data theft, unauthorized data modification, deployment of ransomware or malware, and disruption of ecommerce services. The confidentiality of customer data and transaction information is at high risk, as is the integrity of the ecommerce platform. Availability can also be compromised if attackers disrupt services or delete critical files. Given the remote and unauthenticated nature of the attack vector, the vulnerability can be exploited at scale, potentially affecting many organizations globally. The lack of patches increases the window of exposure, and attackers may develop exploits rapidly once details become widely known.

To mitigate CVE-2024-31823, organizations should immediately audit and review the removeSecondaryImage method in the Publish.php component for unsafe code execution patterns, particularly any dynamic code evaluation or unsanitized input usage. Implement strict input validation and sanitization to prevent code injection. Restrict access to the vulnerable component by applying network-level controls such as IP whitelisting or VPN access. Employ web application firewalls (WAFs) with custom rules to detect and block suspicious payloads targeting this method. Monitor logs for unusual activity related to Publish.php and the removeSecondaryImage function. Until an official patch is released, consider disabling or isolating the vulnerable functionality if feasible. Keep the ecommerce framework and all dependencies updated, and subscribe to vendor security advisories for timely patch releases. Conduct penetration testing focused on code injection vectors to identify residual risks.