CVE-2024-48180 is a critical vulnerability affecting ClassCMS versions up to 4.8, specifically in the nowView method located in /class/cms/cms.php. The vulnerability arises from improper handling of file inclusion, where the application allows inclusion of files uploaded to the /class/template directory without adequate validation or sanitization. This flaw enables an attacker to upload a malicious PHP file and then include it via the vulnerable method, resulting in remote code execution (RCE). The vulnerability does not require any authentication or user interaction, making it highly exploitable over the network. The CVSS v3.1 base score is 9.8, reflecting its critical nature with network attack vector, low attack complexity, no privileges required, and no user interaction needed. The impact covers confidentiality, integrity, and availability, as attackers can execute arbitrary code, potentially leading to full system compromise. The vulnerability is categorized under CWE-434, indicating an unrestricted file upload issue with dangerous file types. No patches or official fixes are currently linked, and no known exploits have been reported in the wild as of the publication date. However, the severity and ease of exploitation make this a significant threat to organizations using ClassCMS.

The impact of CVE-2024-48180 is severe for organizations running vulnerable versions of ClassCMS. Successful exploitation allows attackers to execute arbitrary PHP code remotely, leading to full system compromise. This can result in unauthorized data access, data modification or deletion, deployment of malware or ransomware, and disruption of service availability. The vulnerability can be leveraged to establish persistent backdoors, pivot within internal networks, or exfiltrate sensitive information. Given the lack of authentication and user interaction requirements, attackers can automate exploitation at scale, increasing the risk of widespread attacks. Organizations relying on ClassCMS for content management, especially those hosting sensitive or critical data, face significant operational and reputational risks if this vulnerability is exploited.

To mitigate CVE-2024-48180, organizations should immediately: 1) Apply any available patches or updates from ClassCMS developers once released. 2) If patches are not yet available, restrict write permissions to the /class/template directory to prevent unauthorized file uploads. 3) Implement strict input validation and sanitization on file uploads, ensuring only safe file types are accepted and verifying file contents. 4) Employ web application firewalls (WAFs) with rules to detect and block attempts to access or include files in the vulnerable path. 5) Monitor logs for suspicious upload or inclusion activity related to /class/template directory. 6) Consider isolating or sandboxing the CMS environment to limit the impact of potential exploitation. 7) Conduct regular security audits and vulnerability scans to detect similar file inclusion or upload issues. 8) Educate development teams on secure coding practices to prevent CWE-434 type vulnerabilities in future releases.