CVE-2024-42523 is a vulnerability in publiccms version 4.0.202302.e and earlier that permits any file upload through the administrative endpoint publiccms/admin/cmsTemplate/saveMetaData. This endpoint lacks sufficient validation or restrictions on the types of files that can be uploaded, allowing an attacker with authenticated high-level privileges to upload malicious files, such as web shells or scripts. The vulnerability is categorized under CWE-434, indicating an unrestricted file upload flaw that can be leveraged to execute arbitrary code on the server. The CVSS v3.1 score is 7.2, reflecting a high severity due to network attack vector, low attack complexity, required high privileges, no user interaction, and full impact on confidentiality, integrity, and availability. Although exploitation requires authenticated access with elevated privileges, the impact is severe because successful exploitation can lead to complete system compromise. No patches or exploit code are currently publicly available, but the vulnerability is published and should be addressed promptly. The lack of patch links suggests that remediation may require vendor updates or configuration changes to restrict file upload capabilities.

The vulnerability enables attackers with high-level authenticated access to upload arbitrary files, potentially leading to remote code execution, data theft, defacement, or denial of service. This compromises the confidentiality, integrity, and availability of the affected systems. Organizations relying on publiccms for web content management risk full system compromise if exploited. The attack vector being network-based and requiring no user interaction increases the likelihood of automated exploitation once credentials are obtained. The requirement for high privileges limits exposure to insider threats or attackers who have already breached initial defenses. However, the consequences of exploitation are severe, including potential lateral movement within networks, data exfiltration, and disruption of business operations. The absence of known exploits in the wild currently reduces immediate risk but does not eliminate the threat, especially as exploit code may emerge.

Organizations should immediately audit and restrict access to the publiccms administrative interface to trusted personnel only, enforcing strong authentication and access controls. Implement multi-factor authentication to reduce the risk of credential compromise. Monitor and log all file upload activities on the cmsTemplate/saveMetaData endpoint to detect anomalous behavior. If possible, disable or restrict file upload functionality in the affected endpoint until a vendor patch or update is available. Employ web application firewalls (WAFs) with rules to detect and block suspicious file uploads or payloads. Regularly update publiccms to the latest version once patches addressing this vulnerability are released. Conduct thorough security assessments and penetration testing focusing on file upload functionalities. Additionally, implement network segmentation to limit the impact of potential compromises and maintain offline backups to enable recovery from attacks.