CVE-2024-23745

CRITICAL

Notion Web Clipper 1.0.3(7) - Command Injection via Dirty NIB Attack

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-23745. PoCs published by louiselalanne.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2024-23745, which involves a Dirty NIB attack on Notion Web Clipper 1.0.3(7). It explains how NIB files can be manipulated to execute arbitrary commands and includes step-by-step visual documentation of the exploit process.

Description

In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of arbitrary commands within the application's context. NOTE: the vendor's perspective is that this is simply an instance of CVE-2022-48505, cannot properly be categorized as a product-level vulnerability, and cannot have a product-level fix because it is about incorrect caching of file signatures on macOS.

Exploits (1)

nomisec WRITEUP 2 stars

by louiselalanne · poc

https://github.com/louiselalanne/CVE-2024-23745

View Code ZIP pw:eip

This repository provides a detailed technical analysis of CVE-2024-23745, which involves a Dirty NIB attack on Notion Web Clipper 1.0.3(7). It explains how NIB files can be manipulated to execute arbitrary commands and includes step-by-step visual documentation of the exploit process.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Notion Web Clipper 1.0.3(7)

No auth needed

Prerequisites: Access to modify NIB files · Ability to replace NIB files within the Notion application

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Core References

Various Sources

https://blog.xpnsec.com/dirtynib/

Various Sources

https://chromium.googlesource.com/chromium/src/+/master/docs/security/faq.md#Why-arent-physically_local-attacks-in-Chromes-threat-model

Exploit, Third Party Advisory

https://github.com/louiselalanne/CVE-2024-23745

Scores

CVSS v3 9.8

EPSS 0.0198

EPSS Percentile 78.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-77

Status published

Products (1)

notion/web_clipper 1.0.3\(7\)

Published Jan 31, 2024

Tracked Since Feb 18, 2026