CVE-2024-21546

CRITICAL

unisharp/laravel-filemanager < 2.9.1 - Remote Code Execution via Mimetype and File Extension Manipulation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-21546. PoCs published by ajdumanhug.

AI-analyzed exploit summary This Python script exploits CVE-2024-21546 in UniSharp Laravel Filemanager by bypassing file upload restrictions to achieve RCE via a reverse shell. It validates session tokens, extracts CSRF tokens, and uploads a malicious PHP payload disguised as a PNG file.

Description

Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution (RCE). The upload check derives the extension from the text after the last dot and accepts a request that carries a valid (image) MIME type, so a file named with a trailing `.` after the `.php` extension (for example `shell.php.`) passes validation while still being stored and executed as PHP. This allows an attacker to execute arbitrary code on the server.
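To make the bypass concrete, the following model is an added illustration and is not code from unisharp/laravel-filemanager. `weak_check()` reproduces the pattern the advisory describes (extension read from the text after the last dot, MIME type trusted from the request); `hardened_check()` and `storage_name()` show the checks that close it. The blocklist, the helper names and the sample uploads are assumptions constructed for the demo, and the PNG magic prefix stands in for the "PHP payload disguised as a PNG" the PoC summary mentions.

```python
"""Model of the upload-check bypass behind CVE-2024-21546 (trailing dot after .php).

Added illustration, NOT code from unisharp/laravel-filemanager. weak_check()
mirrors the pattern the advisory describes; hardened_check() shows the fix.
All sample uploads are constructed for the demo.
"""
import hashlib
from dataclasses import dataclass
from typing import Optional

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
ALLOWED_MIME = {"image/png", "image/jpeg", "image/gif"}
ALLOWED_EXT = {"png", "jpg", "jpeg", "gif"}
EXT_TO_MIME = {"png": "image/png", "jpg": "image/jpeg", "jpeg": "image/jpeg", "gif": "image/gif"}
# Assumed blocklist of server-side executable extensions (not the project's own list).
EXECUTABLE_EXT = {"php", "php3", "php4", "php5", "php7", "phtml", "phar"}


@dataclass
class Upload:
    filename: str      # client-supplied name (Content-Disposition filename=...)
    content_type: str  # client-supplied MIME type (Content-Type of the multipart part)
    data: bytes


def client_extension(filename: str) -> str:
    """pathinfo()/getClientOriginalExtension()-style parsing: the text after the
    LAST dot, so "shell.php." yields the empty extension ""."""
    return filename.rsplit(".", 1)[1] if "." in filename else ""


def weak_check(up: Upload) -> bool:
    """Vulnerable pattern: blocklist only the last extension, trust the claimed MIME."""
    ext = client_extension(up.filename).lower()
    return ext not in EXECUTABLE_EXT and up.content_type in ALLOWED_MIME


def sniff_mime(data: bytes) -> Optional[str]:
    """Magic-byte sniffing. A PHP payload prefixed with PNG_MAGIC still sniffs as
    image/png, so sniffing alone does not stop the attack; the name checks do."""
    if data.startswith(PNG_MAGIC):
        return "image/png"
    if data.startswith(b"\xff\xd8\xff"):
        return "image/jpeg"
    if data.startswith((b"GIF87a", b"GIF89a")):
        return "image/gif"
    return None


def hardened_check(up: Upload) -> bool:
    """Normalize the name, reject an executable segment anywhere in it, allow-list
    exactly one extension, and require the content to match that extension."""
    name = up.filename.strip().rstrip(". ")          # "shell.php." -> "shell.php"
    segments = name.lower().split(".")
    exts = [s for s in segments[1:] if s]            # every extension segment
    if not exts or any(e in EXECUTABLE_EXT for e in exts):
        return False
    if len(exts) != 1 or exts[0] not in ALLOWED_EXT:
        return False
    return sniff_mime(up.data) == EXT_TO_MIME[exts[0]]


def storage_name(up: Upload) -> str:
    """Never reuse the client name on disk. Call only after hardened_check() passed:
    the stored name is content-derived and keeps only the allow-listed extension."""
    ext = up.filename.strip().rstrip(". ").rsplit(".", 1)[1].lower()
    return hashlib.sha256(up.data).hexdigest()[:16] + "." + ext


if __name__ == "__main__":
    disguised = Upload("shell.php.", "image/png", PNG_MAGIC + b"<?php /* payload */ ?>")
    print("weak_check accepts shell.php.:", weak_check(disguised))
    print("hardened_check accepts shell.php.:", hardened_check(disguised))
```

The weak policy accepts `shell.php.` because the extension it derives is empty and the MIME type is whatever the client claims; the hardened policy strips trailing dots before splitting, checks every extension segment against the blocklist, allow-lists a single image extension, and stores the file under a server-generated name so the client's filename never reaches the filesystem.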

Exploits (1)

nomisec WORKING POC 4 stars
by ajdumanhug · poc
https://github.com/ajdumanhug/CVE-2024-21546

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: UniSharp Laravel Filemanager < 2.9.1
Auth required
Prerequisites: Valid Laravel session cookie · Network access to target · Listener setup for reverse shell
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 9.8
EPSS 0.0439
EPSS Percentile 89.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-94 (Improper Control of Generation of Code, 'Code Injection')
Status published
Products (2)
unisharp/laravel-filemanager < 2.9.1 (vendor: n/a)
unisharp/laravel-filemanager 0 - 2.9.1 (Packagist)
Published Dec 18, 2024
Tracked Since Feb 18, 2026