CVE-2024-52375 identifies a critical vulnerability in Arttia Creative's Datasets Manager software, versions up to and including 1.5, where the application fails to properly restrict the types of files that can be uploaded. This unrestricted file upload vulnerability allows an attacker to upload files with dangerous types, such as executable scripts or malware, without validation or sanitization. The lack of file type restrictions can lead to several attack vectors, including remote code execution if the uploaded file is processed or executed by the server, web shell deployment, or unauthorized data storage and exfiltration. The vulnerability does not require authentication, meaning any unauthenticated attacker with access to the upload functionality can exploit it. Although no known exploits are currently reported in the wild, the vulnerability's nature makes it a high-risk issue. The absence of a CVSS score suggests that the vulnerability is newly disclosed and pending further analysis. The software is used for managing datasets, which may contain sensitive or proprietary information, increasing the potential impact of a successful attack. The vulnerability affects all versions up to 1.5, and no official patches or mitigations have been published yet, requiring organizations to implement interim controls. The vulnerability was reserved and published in November 2024, indicating recent discovery and disclosure.

The unrestricted upload of dangerous file types can severely compromise organizational security. Attackers can upload malicious scripts or executables leading to remote code execution, server takeover, or persistent backdoors. This threatens confidentiality by exposing sensitive datasets, integrity by allowing unauthorized data modification, and availability by potentially disrupting services through malicious payloads. Since no authentication is required, the attack surface is broad, increasing the likelihood of exploitation. Organizations relying on Arttia Creative's Datasets Manager risk data breaches, intellectual property theft, and operational disruption. The impact extends to regulatory compliance violations if sensitive data is exposed. The lack of current exploits reduces immediate risk but does not diminish the potential severity once exploit code becomes available. The vulnerability could also be leveraged as a foothold in larger targeted attacks or ransomware campaigns.

Until an official patch is released, organizations should implement strict file upload controls, including: 1) Enforce server-side validation to allow only safe file types (e.g., whitelist extensions and MIME types). 2) Implement file content inspection to detect and block executable or script files disguised with safe extensions. 3) Restrict upload directories to non-executable locations to prevent execution of uploaded files. 4) Apply least privilege principles to the upload functionality, limiting user permissions and access. 5) Monitor logs for unusual upload activity or attempts to upload suspicious files. 6) Use web application firewalls (WAFs) with rules to detect and block malicious upload attempts. 7) Educate users and administrators about the risk and encourage prompt reporting of suspicious behavior. 8) Prepare to apply vendor patches immediately upon release and test updates in a controlled environment before deployment. 9) Consider disabling file upload features if not essential to reduce attack surface.