CVE-2024-51789: Unrestricted Upload of File with Dangerous Type in UjW0L Image Classify
Unrestricted Upload of File with Dangerous Type vulnerability in UjW0L Image Classify (plugin slug image-classify) allows uploading a web shell to the web server. This issue affects Image Classify: from n/a through 1.0.0.
AI Analysis
Technical Summary
CVE-2024-51789 is an unrestricted file upload vulnerability (CWE-434, Unrestricted Upload of File with Dangerous Type) in UjW0L Image Classify, affecting all versions up to and including 1.0.0. The assigning CNA is Patchstack, which handles WordPress plugin and theme CVEs; image-classify is the plugin slug. The plugin's upload handler does not adequately restrict what a user may upload, so a file the web server will execute, such as a PHP web shell, can be placed on the server under the guise of an image. Once the shell is reachable over HTTP, the attacker runs arbitrary commands with the web server's privileges, which typically leads to data theft, site manipulation, persistence, lateral movement and follow-on malware or ransomware. The published record carries no CVSS vector, so the privilege level needed to reach the upload handler and whether any user interaction is required are not stated; defenders should not assume that authentication is required until the vendor clarifies. No public exploit has been reported and no fixed version is listed, so the flaw must be treated as unpatched. Because a web shell gives the attacker code execution, the vulnerability affects the confidentiality, integrity and availability of the host and of anything the web server account can reach.
Potential Impact
Exploitation leads to compromise of the web server running Image Classify: the uploaded web shell gives remote code execution as the web server user, access to the site's database credentials and other configuration, and a foothold from which to pivot to other internal systems. Confidentiality (exposure of stored data), integrity (unauthorized changes to the site and its files) and availability (defacement, ransomware, service disruption) are all at risk. Uploading a web shell is a low-effort technique once the handler is located, so internet-facing installations in particular should be assumed to be exposed, whatever privilege level the handler turns out to require. Organizations in technology, research, healthcare and government that run image classification plugins on public sites face the greatest exposure. No fixed version is listed and no exploitation has been reported yet; that is a window defenders should use to mitigate, not a reason to wait.
Mitigation Recommendations
Until the vendor ships a fixed version, the following measures address CVE-2024-51789:
- Disable or remove the Image Classify plugin if it is not essential, or at least restrict its upload feature to trusted, authenticated users.
- Validate uploads on the server side with an allowlist of image extensions (for example .png, .jpg) and verify that the file bytes actually parse as that image type; the client-supplied filename and Content-Type header are attacker-controlled and must not be trusted. Enforce a size limit and rename the file to a server-generated name so the attacker controls neither the name nor the extension on disk.
- Make the upload directory non-executable: store uploads outside the web root, or configure the web server to refuse to hand files under the uploads path to a script interpreter (PHP, on a WordPress site). This alone defeats a web shell even if validation is bypassed.
- Place a web application firewall in front of the site with rules for script uploads and known web shell signatures, as a secondary layer rather than the primary control.
- Run the site in a container or otherwise isolated environment with minimal privileges to limit lateral movement after a compromise.
- Monitor access logs for POST requests to upload endpoints followed by requests for .php or similar files under the uploads directory, and periodically scan the uploads tree for script files.
- Keep tested backups and an incident response plan that covers web shell intrusions, and apply the vendor's fix as soon as one is published.
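The validation controls recommended above, written out as an added Python example. This is not code from the Image Classify plugin or from the vendor; it is a stand-alone illustration of an extension allowlist, structural (not merely magic-byte) validation of PNG and JPEG bytes, a size cap, and a server-chosen filename. The upload directory, the size limit and the sample inputs (a constructed 1x1 PNG and a constructed PHP payload) are assumptions made for the example.

```python
"""Server-side image upload validation (added example, not the plugin's code)."""
import os
import secrets
import struct
import zlib
from dataclasses import dataclass

PNG_SIG = b"\x89PNG\r\n\x1a\n"
MAX_BYTES = 5 * 1024 * 1024          # policy choice for this example
UPLOAD_DIR = "/srv/uploads"          # placeholder; keep it outside the web root


def _valid_png(data: bytes) -> bool:
    """Walk every chunk, checking length and CRC; IEND must be the final bytes."""
    if not data.startswith(PNG_SIG):
        return False
    pos, first = len(PNG_SIG), True
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 8 + length + 4
        if end > len(data):
            return False
        body = data[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", data[end - 4:end])
        if zlib.crc32(ctype + body) != crc or (first and ctype != b"IHDR"):
            return False
        first = False
        if ctype == b"IEND":
            return end == len(data)   # bytes after IEND (e.g. appended PHP) fail
        pos = end
    return False


def _valid_jpeg(data: bytes) -> bool:
    """SOI first, EOI as the last two bytes, well-formed marker segments up to SOS."""
    if not (data.startswith(b"\xff\xd8") and data.endswith(b"\xff\xd9")):
        return False
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            return False
        if data[pos + 1] == 0xDA:       # start of scan: entropy-coded data follows
            return True
        (seg_len,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if seg_len < 2:
            return False
        pos += 2 + seg_len
    return False


# Allowlist: only these final extensions, each tied to its own validator.
VALIDATORS = {".png": _valid_png, ".jpg": _valid_jpeg, ".jpeg": _valid_jpeg}


@dataclass
class Decision:
    accepted: bool
    reason: str
    stored_path: str = ""


def validate_upload(client_name: str, data: bytes) -> Decision:
    """The client name is used only for its final extension; the client's
    Content-Type header is ignored entirely because the client sets it."""
    if len(data) > MAX_BYTES:
        return Decision(False, "too large")
    base = os.path.basename(client_name.replace("\\", "/"))   # drop path parts
    ext = os.path.splitext(base)[1].lower()
    if ext not in VALIDATORS:
        return Decision(False, f"extension {ext or '(none)'} not allowed")
    if not VALIDATORS[ext](data):
        return Decision(False, f"content is not a well-formed {ext} image")
    # Random server-chosen name: the attacker controls neither name nor extension,
    # so shell.php, shell.php.png or shell.phtml never reach disk under that name.
    return Decision(True, "ok", os.path.join(UPLOAD_DIR, secrets.token_hex(16) + ext))


def _png_bytes() -> bytes:
    """Constructed 1x1 RGB PNG so the example runs offline."""
    def chunk(ctype: bytes, body: bytes) -> bytes:
        crc = struct.pack(">I", zlib.crc32(ctype + body))
        return struct.pack(">I", len(body)) + ctype + body + crc
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00\x00\x00")   # filter byte + one RGB pixel
    return PNG_SIG + chunk(b"IHDR", ihdr) + chunk(b"IDAT", idat) + chunk(b"IEND", b"")


WEB_SHELL = b"<?php system($_GET['cmd']); ?>"      # constructed sample payload
SAMPLES = {                                          # constructed test inputs
    "photo.png": _png_bytes(),
    "shell.php": WEB_SHELL,
    "shell.php.png": WEB_SHELL,                 # double extension, non-image bytes
    "polyglot.png": _png_bytes() + WEB_SHELL,   # real PNG with code appended
    "../../var/www/html/x.png": _png_bytes(),   # traversal attempt in the name
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        d = validate_upload(name, blob)
        print(f"{name:26} accepted={d.accepted!s:5} {d.reason} {d.stored_path}")
```

Structural validation catches the common "image header followed by PHP" trick, but code hidden inside a legitimate segment (a JPEG COM marker, a PNG tEXt chunk) still parses. That is why the page's second control, a non-executable upload directory, is the one that must hold on its own: a file the server never hands to an interpreter is inert regardless of what it contains.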
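The log monitoring recommended above, as an added Python example that is not part of the original advisory. It parses Apache/nginx combined-format access log lines and raises two kinds of alert: any request for an interpreted file under an uploads directory (which a correctly configured server should never serve), and the drop-and-use sequence of a POST to an upload handler followed by a request for such a file from the same client. The upload directory prefixes, the script extension list, the time window and the log lines themselves are constructed assumptions, not data from the advisory.

```python
"""Web shell drop-and-use detection over access logs (added example)."""
import re
from datetime import datetime, timedelta

# Assumptions for this deployment, not taken from the advisory.
UPLOAD_PREFIXES = ("/uploads/", "/wp-content/uploads/")
SCRIPT_EXTS = (".php", ".php5", ".php7", ".phtml", ".phar")
WINDOW = timedelta(minutes=10)

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def parse_line(line: str):
    """Return a dict of the fields we need, or None for unparseable lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path, _, query = m["url"].partition("?")
    return {
        "ip": m["ip"],
        "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
        "method": m["method"],
        "path": path.lower(),
        "query": query.lower(),
        "status": int(m["status"]),
    }


def is_script_in_uploads(path: str) -> bool:
    return any(p in path for p in UPLOAD_PREFIXES) and path.endswith(SCRIPT_EXTS)


def detect(lines):
    """Return (ip, kind, path, status) tuples.
    'script_in_uploads': a request for an interpreted file under uploads; a 200
        means the server executed it, a 404 is still a probe worth noting.
    'upload_then_exec': the same client POSTed to an upload handler within WINDOW
        before requesting the script, the classic drop-and-use pattern."""
    alerts, last_upload = [], {}
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        # Heuristic: treat any POST with "upload" in path or query as an upload.
        if ev["method"] == "POST" and ("upload" in ev["path"] or "upload" in ev["query"]):
            last_upload[ev["ip"]] = ev["ts"]
            continue
        if is_script_in_uploads(ev["path"]):
            alerts.append((ev["ip"], "script_in_uploads", ev["path"], ev["status"]))
            t = last_upload.get(ev["ip"])
            if t is not None and ev["ts"] - t <= WINDOW:
                alerts.append((ev["ip"], "upload_then_exec", ev["path"], ev["status"]))
    return alerts


# Constructed sample log; IPs are from documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2025:14:02:11 +0000] "POST /wp-admin/admin-ajax.php?action=upload_image HTTP/1.1" 200 54 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2025:14:02:19 +0000] "GET /wp-content/uploads/2025/03/shell.php?cmd=id HTTP/1.1" 200 312 "-" "curl/8.5.0"
198.51.100.4 - - [10/Mar/2025:14:03:02 +0000] "GET /wp-content/uploads/2025/03/photo.png HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Mar/2025:14:05:40 +0000] "GET /wp-content/uploads/old/backdoor.phtml HTTP/1.1" 404 162 "-" "python-requests/2.31"
"""

if __name__ == "__main__":
    for ip, kind, path, status in detect(SAMPLE_LOG.splitlines()):
        print(f"{kind:18} {ip:14} {status} {path}")
```

The first alert kind is the one to treat as a standing rule: if the upload directory is correctly non-executable, a 200 for a .php path under it is a configuration failure as well as a likely compromise, and a 404 is reconnaissance.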
Affected Countries
United States, Germany, United Kingdom, France, Japan, South Korea, China, India, Canada, Australia
Technical Details
- Data Version: 5.2
- Assigner Short Name: Patchstack
- Date Reserved: 2024-11-04T09:57:36.650Z
- CVSS Version: null (no CVSS score assigned)
- State: PUBLISHED
Threat ID: 69cd751be6bfc5ba1df02e1b
Added to database: 4/1/2026, 7:42:19 PM
Last enriched: 4/2/2026, 8:04:22 AM
Last updated: 4/4/2026, 8:23:40 AM