CVE-2024-0352

HIGH EXPLOITED NUCLEI

likeshop < 2.5.7.20210311 - Unrestricted File Upload via FileServer::userFormImage

Title source: llm

Exploitation Summary

CVE-2024-0352 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Cappricio-Securities. A Nuclei detection template is also available.

AI-analyzed exploit summary The repository contains a Python-based scanner for detecting CVE-2024-0352, a vulnerability in Likeshop. It checks for vulnerable endpoints by sending crafted HTTP requests and parsing responses for specific patterns, but does not include exploit code for achieving RCE.

Description

A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250120.

Exploits (1)

nomisec SCANNER

by Cappricio-Securities · remote

https://github.com/Cappricio-Securities/CVE-2024-0352

View Code ZIP pw:eip

The repository contains a Python-based scanner for detecting CVE-2024-0352, a vulnerability in Likeshop. It checks for vulnerable endpoints by sending crafted HTTP requests and parsing responses for specific patterns, but does not include exploit code for achieving RCE.

Classification

Scanner 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Likeshop (version not specified)

No auth needed

Prerequisites: Network access to the target · Python 3 environment

MITRE ATT&CK

T1595 - Active Scanning

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

Likeshop < 2.5.7.20210311 - Arbitrary File Upload

CRITICALVERIFIEDby CookieHanHoan,babybash,samuelsamuelsamuel

Shodan: http.favicon.hash:874152924

FOFA: icon_hash=874152924

References (3)

Core 3

Core References

Third Party Advisory vdb-entry technical-description

https://vuldb.com/?id.250120

Permissions Required, Third Party Advisory signature permissions-required

https://vuldb.com/?ctiid.250120

Broken Link broken-link exploit

https://note.zhaoj.in/share/ciwYj7QXC4sZ

Scores

CVSS v3 7.3

EPSS 0.7069

EPSS Percentile 99.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

VulnCheck KEV 2024-01-22

CWE

CWE-434

Status published

Products (1)

likeshop/likeshop < 2.5.7.20210311

Published Jan 09, 2024

Tracked Since Feb 18, 2026