CVE-2023-24610

HIGH LAB

NOSH 4a5cfdb - Authenticated Remote Code Execution via Practice Logo Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-24610. PoCs published by abbisQQ.

AI-analyzed exploit summary This repository provides a functional proof-of-concept exploit for CVE-2023-24610, demonstrating a file upload vulnerability that bypasses front-end checks to achieve remote code execution via a polyglot PHP/PNG file. The exploit involves intercepting and modifying the file extension during upload to execute a reverse shell.

Description

NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrary code via the "practice logo" upload feature. The client-side checks can be bypassed. This may allow attackers to steal Protected Health Information because the product is for health charting.

Exploits (1)

nomisec WORKING POC 3 stars

by abbisQQ · poc

https://github.com/abbisQQ/CVE-2023-24610

View Code ZIP pw:eip

This repository provides a functional proof-of-concept exploit for CVE-2023-24610, demonstrating a file upload vulnerability that bypasses front-end checks to achieve remote code execution via a polyglot PHP/PNG file. The exploit involves intercepting and modifying the file extension during upload to execute a reverse shell.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Unknown (likely a web application with file upload functionality)

Auth required

Prerequisites: Access to the target application · Valid credentials · Ability to intercept and modify HTTP requests (e.g., Burp Suite) · Network connectivity to receive the reverse shell

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1204 - User Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →