CVE-2024-24578

Source
https://cve.org/CVERecord?id=CVE-2024-24578
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-24578.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-24578
Aliases
  • GHSA-q967-q4j8-637h
Published
2024-03-18T21:13:03.626Z
Modified
2026-04-10T05:09:50.392407Z
Severity
  • 10.0 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
RaspberryMatic Unauthenticated Remote Code Execution vulnerability through HMServer File Upload
Details

RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices. RaspberryMatic / OCCU prior to version 3.75.6.20240316 contains an unauthenticated remote code execution (RCE) vulnerability caused by multiple issues within the Java-based HMIPServer.jar component. RaspberryMatic includes a Java-based HMIPServer that can be reached through URLs starting with /pages/jpages. The FirmwareController class does not perform any session-id check, so its file-upload functionality can be used without a valid session. As a result, an attacker can gain remote code execution as the root user, allowing full system compromise. Version 3.75.6.20240316 contains a patch.
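The two CWEs attached to this record (CWE-306, missing authentication; CWE-23, relative path traversal) describe a well-known pair of upload-handler defects: a controller that never checks for a session, and a client-supplied filename joined straight onto a directory. The following is an added illustration of that pattern beside a hardened handler. It is constructed example code, not RaspberryMatic/OCCU code, and does not reproduce the real controller: the request and session types, the upload root and the sample filenames are all assumptions.

```python
"""
Constructed example: an upload handler with the CWE-306 + CWE-23 pattern,
and a hardened version. Not code from RaspberryMatic/OCCU or HMIPServer.jar;
the Request/SessionStore types and the upload root are assumptions.
"""
import os
import re
import secrets
from dataclasses import dataclass
from typing import Optional

# Assumed upload directory used by the sample calls below.
UPLOAD_ROOT = "/tmp/fw-upload"

# Single path component: alnum start, then a conservative allow-list.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")


@dataclass
class Request:
    session_id: Optional[str]   # None when the client sent no session
    filename: str               # client-controlled
    body: bytes


@dataclass
class Response:
    status: int
    detail: str
    saved_to: Optional[str] = None


class SessionStore:
    """Minimal stand-in for a server-side session table (assumption)."""

    def __init__(self) -> None:
        self._valid: set[str] = set()

    def create(self) -> str:
        sid = secrets.token_hex(16)
        self._valid.add(sid)
        return sid

    def is_valid(self, sid: Optional[str]) -> bool:
        return sid is not None and sid in self._valid


def vulnerable_upload(req: Request, upload_root: str) -> Response:
    """CWE-306: no session check at all.
    CWE-23: the filename is joined as-is, so '../' walks out of upload_root."""
    dest = os.path.normpath(os.path.join(upload_root, req.filename))
    # A real handler would write req.body to dest here; we only report the path
    # so the escape is visible without touching the filesystem.
    return Response(200, "stored", dest)


def hardened_upload(req: Request, upload_root: str, sessions: SessionStore) -> Response:
    # 1. Authentication: every request to the controller needs a valid session.
    if not sessions.is_valid(req.session_id):
        return Response(401, "no valid session")
    # 2. Input validation: exactly one safe path component, no separators,
    #    no '.' or '..', no leading dot.
    if not SAFE_NAME.fullmatch(req.filename):
        return Response(400, "invalid filename")
    # 3. Containment: resolve both sides and confirm the destination is still
    #    inside the upload root (defence in depth against symlinks etc.).
    root = os.path.realpath(upload_root)
    dest = os.path.realpath(os.path.join(root, req.filename))
    if os.path.commonpath([root, dest]) != root:
        return Response(400, "path escapes upload root")
    return Response(200, "stored", dest)


if __name__ == "__main__":
    # Constructed requests: one traversal attempt, one ordinary upload.
    traversal = Request(None, "../../etc/example.conf", b"payload")
    print("vulnerable:", vulnerable_upload(traversal, UPLOAD_ROOT))
    store = SessionStore()
    print("hardened, no session:", hardened_upload(traversal, UPLOAD_ROOT, store))
    sid = store.create()
    print("hardened, traversal:", hardened_upload(Request(sid, "../../etc/example.conf", b""), UPLOAD_ROOT, store))
    print("hardened, ok:", hardened_upload(Request(sid, "firmware.tgz", b""), UPLOAD_ROOT, store))
```

The order of the checks matters: authentication comes first so an unauthenticated caller learns nothing about filename handling, and the allow-list rejects traversal before any path resolution happens, with the `realpath`/`commonpath` containment check as a second line of defence.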

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/24xxx/CVE-2024-24578.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-23",
        "CWE-306"
    ]
}
References

Affected packages

Git / github.com/jens-maus/raspberrymatic

Affected ranges

Type
GIT
Repo
https://github.com/jens-maus/raspberrymatic
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.75.6.20240316"
        }
    ]
}
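The GIT range above carries no usable commit events, so the practical way to decide whether a given installation is affected is the `database_specific.versions` list: introduced "0", fixed "3.75.6.20240316". The following added example (not part of the OSV record or of RaspberryMatic) applies OSV event semantics to RaspberryMatic's MAJOR.MINOR.PATCH.YYYYMMDD version strings, comparing each component as an integer rather than as text; the event list is copied from this record, and the version strings in the sample calls are taken from the "Affected versions" list.

```python
"""
Added example: evaluate the record's database_specific version events
against a RaspberryMatic version string. Not part of the OSV record.
"""
import re

# Copied from the record's database_specific block above.
RANGE_EVENTS = [{"introduced": "0"}, {"fixed": "3.75.6.20240316"}]

_VERSION_RE = re.compile(r"\d+(\.\d+)*")


def parse_version(v: str) -> tuple:
    """'3.75.6.20240316' -> (3, 75, 6, 20240316). OSV uses '0' for
    'every version since the beginning', which parses to (0,)."""
    if not _VERSION_RE.fullmatch(v):
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(p) for p in v.split("."))


def is_affected(version: str, events=RANGE_EVENTS) -> bool:
    """OSV semantics: walk the events in order; an 'introduced' at or below
    the version marks it affected, a 'fixed' at or below it clears the mark.
    A trailing 'introduced' with no 'fixed' is open-ended."""
    v = parse_version(version)
    affected = False
    for ev in events:
        if "introduced" in ev and v >= parse_version(ev["introduced"]):
            affected = True
        elif "fixed" in ev and v >= parse_version(ev["fixed"]):
            affected = False
    return affected


def affected_subset(versions, events=RANGE_EVENTS) -> list:
    """Filter a list of installed versions (e.g. from a fleet inventory)."""
    return [v for v in versions if is_affected(v, events)]


if __name__ == "__main__":
    for v in ("3.73.9.20240130", "3.75.6.20240316", "3.75.7.20240420"):
        print(v, "affected" if is_affected(v) else "fixed")
```

Note that a plain string comparison would get "3.9.0.20190101" vs "3.75.6.20240316" wrong ("9" sorts after "7"), which is why the components are converted to integers first. Snapshot builds with suffixes outside the dotted-integer form are rejected by `parse_version` rather than silently mis-ordered.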

Affected versions

2.*
2.15.5.20151101
2.21.10.20160821
2.25.15.20161220
2.27.7.20170316
2.27.8.20170410
2.27.8.20170413
2.27.8.20170501
2.27.8.20170615
2.27.8.20170620
2.29.18.20170731
2.29.22.20170902
2.29.22.20171007
2.29.23.20171022
2.29.23.20171118
2.31.25.20180324
2.31.25.20180526
2.35.16.20180708
2.35.16.20180715
3.*
3.37.8.20180922
3.37.8.20180929
3.37.8.20181026
3.41.11.20181124
3.41.11.20181126
3.41.11.20181222
3.41.11.20190126
3.43.15.20190223
3.45.5.20190330
3.45.7.20190504
3.45.7.20190511
3.45.7.20190622
3.47.10.20190713
3.47.22.20191130
3.49.17.20191225
3.49.17.20200131
3.51.6.20200229
3.51.6.20200420
3.51.6.20200613
3.51.6.20200621
3.63.8.20220330
3.63.9.20220430
3.63.9.20220521
3.63.9.20220625
3.65.11.20221005
3.65.11.20221218
3.65.6.20220723
3.65.8.20220831
3.67.10.20230114
3.67.10.20230225
3.69.6.20230407
3.69.7.20230506
3.69.7.20230626
3.71.12.20230826
3.71.12.20231014
3.71.12.20231020
3.73.9.20231130
3.73.9.20240130
Other
snapshots

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-24578.json"