CVE-2024-36531: n/a
CVE-2024-36531 is a medium-severity vulnerability affecting nukeviet v4.5 and earlier, as well as nukeviet-egov v1.2.02 and earlier. It allows arbitrary code execution through the /admin/extensions/upload.php component. Exploitation requires authenticated access with high privileges and user interaction, but the attack vector is network-based with low attack complexity. The vulnerability impacts confidentiality heavily, with limited integrity and availability effects. No known exploits are currently in the wild. Organizations using these versions of nukeviet or nukeviet-egov should prioritize patching or mitigating this vulnerability to prevent potential compromise.
AI Analysis
Technical Summary
CVE-2024-36531 is a vulnerability identified in nukeviet version 4.5 and earlier, as well as nukeviet-egov version 1.2.02 and earlier, which are content management systems primarily used in Vietnam and some Southeast Asian countries. The vulnerability resides in the /admin/extensions/upload.php component, which handles extension uploads. Due to insufficient validation or sanitization of uploaded content, an attacker with authenticated high-privilege access can execute arbitrary code on the server. This vulnerability is categorized under CWE-94, indicating that the system improperly controls the execution of code, allowing injection of malicious scripts or commands. The CVSS 3.1 base score is 5.7 (medium severity), with the vector AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L, meaning the attack is network-based with low complexity but requires high privileges and user interaction. The impact on confidentiality is high, as arbitrary code execution can lead to data disclosure, while integrity and availability impacts are low to moderate. No public exploits are known at this time, but the vulnerability poses a significant risk if exploited. The lack of available patches at the time of publication necessitates immediate mitigation efforts by administrators.
Potential Impact
The primary impact of CVE-2024-36531 is the potential for arbitrary code execution on affected servers, which can lead to unauthorized access to sensitive data, including user information and administrative credentials. This compromises confidentiality severely. Although the integrity and availability impacts are rated lower, attackers could potentially modify site content or disrupt services. Since exploitation requires authenticated high-privilege access and user interaction, the threat is somewhat mitigated but remains significant in environments where insider threats or credential compromise are possible. Organizations relying on nukeviet or nukeviet-egov CMS platforms face risks of data breaches, defacement, or further lateral movement within their networks. The vulnerability could also be leveraged as a foothold for more extensive attacks, including ransomware or espionage campaigns.
Mitigation Recommendations
To mitigate CVE-2024-36531, organizations should first verify if they are running affected versions of nukeviet (v4.5 or earlier) or nukeviet-egov (v1.2.02 or earlier). Since no official patches are currently available, administrators should implement strict access controls to limit high-privilege user accounts and enforce strong authentication mechanisms, such as multi-factor authentication, to reduce the risk of credential compromise. Monitoring and logging of admin panel access and file upload activities should be enhanced to detect suspicious behavior promptly. Disabling or restricting the /admin/extensions/upload.php component if not required can reduce the attack surface. Additionally, applying web application firewalls (WAFs) with custom rules to detect and block malicious payloads targeting upload functionality can provide interim protection. Organizations should stay alert for vendor patches or updates and apply them immediately upon release. Regular security audits and penetration testing focusing on upload components are also recommended.
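One way to implement the upload-activity monitoring recommended above, as an added example that is not part of the original advisory: it scans access logs in combined log format for POST requests to the upload component and grades them by source address and response status. The log lines, IP addresses and admin subnet are constructed assumptions.

```python
import ipaddress
import re

UPLOAD_PATH = "/admin/extensions/upload.php"  # component named in the advisory
ADMIN_NETS = [ipaddress.ip_network("10.20.0.0/24")]  # assumption: admin subnet

# Combined log format: ip - user [time] "METHOD path HTTP/x" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

# Constructed sample log lines for illustration.
SAMPLE_LOG = """\
10.20.0.15 - - [25/Feb/2026:09:12:01 +0700] "GET /admin/extensions/upload.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.20.0.15 - - [25/Feb/2026:09:12:40 +0700] "POST /admin/extensions/upload.php HTTP/1.1" 200 811 "-" "Mozilla/5.0"
203.0.113.77 - - [25/Feb/2026:23:48:09 +0700] "POST /admin/extensions/upload.php?x=1 HTTP/1.1" 200 790 "-" "Mozilla/5.0"
203.0.113.77 - - [25/Feb/2026:23:48:30 +0700] "POST /admin/extensions/upload.php HTTP/1.1" 403 199 "-" "Mozilla/5.0"
198.51.100.4 - - [25/Feb/2026:23:50:00 +0700] "GET /index.php HTTP/1.1" 200 10240 "-" "Mozilla/5.0"
"""


def review_uploads(log_text):
    """Return (severity, ip, timestamp, status) for each upload request."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["path"].split("?", 1)[0] != UPLOAD_PATH:
            continue
        if m["method"] != "POST":
            continue  # viewing the upload form is not an upload
        try:
            addr = ipaddress.ip_address(m["ip"])
            trusted = any(addr in net for net in ADMIN_NETS)
        except ValueError:
            trusted = False  # hostname or malformed client field
        accepted = m["status"].startswith("2")
        if accepted and trusted:
            severity = "review"   # expected source; match to a change record
        elif accepted:
            severity = "alert"    # upload accepted from outside the admin subnet
        else:
            severity = "blocked"  # refused; watch for repeated attempts
        findings.append((severity, m["ip"], m["ts"], m["status"]))
    return findings
```

Every accepted upload is reported, including those from the admin subnet, because the flaw is reachable with a legitimate high-privilege session.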
Affected Countries
Vietnam, Thailand, Cambodia, Laos, Malaysia, Singapore
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-05-30T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f6c5fb7ef31ef0b563680
Added to database: 2/25/2026, 9:40:47 PM
Last enriched: 2/26/2026, 5:02:54 AM
Last updated: 2/26/2026, 8:01:49 AM