CVE-2024-27115

CRITICAL NUCLEI

SOPlanning - Remote Code Execution

Title source: nuclei
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-27115. PoCs published by theexploiters. A Nuclei detection template is also available.

AI-analyzed exploit summary This is a functional exploit for CVE-2024-27115, targeting SOPlanning 1.52.01. It leverages authenticated file upload to achieve remote code execution via a PHP web shell.

Description

A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability, an attacker can upload executable files that are moved to a publicly accessible folder before verifying any requirements. This leads to the possibility of execution of code on the underlying system when the file is triggered. The vulnerability has been remediated in version 1.52.02.

Exploits (1)

nomisec WORKING POC 5 stars
by theexploiters · poc
https://github.com/theexploiters/CVE-2024-27115-Exploit

This is a functional exploit for CVE-2024-27115, targeting SOPlanning 1.52.01. It leverages authenticated file upload to achieve remote code execution via a PHP web shell.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SOPlanning 1.52.01
Auth required
Prerequisites: Valid credentials for SOPlanning · Network access to the target · Python 3.x with requests library
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

SOPlanning - Remote Code Execution

References (1)

Core 1
Core References
Broken Link third-party-advisory
https://csirt.divd.nl/CVE-2024-27115

Scores

CVSS v3 9.8
EPSS 0.0462
EPSS Percentile 90.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-434
Status published
Products (1)
soplanning/soplanning < 1.52.02
Published Sep 11, 2024
Tracked Since Feb 18, 2026