CVE-2024-28757

HIGH

libexpat < 2.6.2 - XML Entity Expansion via External Parser

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-28757. PoCs published by saurabh2088, RenukaSelvar.

AI-analyzed exploit summary This repository contains the source code and documentation for Expat 2.1.0, including a port for AmigaOS. It does not include an exploit PoC for CVE-2024-28757 but rather the vulnerable software itself.

Description

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

Exploits (2)

nomisec WRITEUP

by saurabh2088 · poc

https://github.com/saurabh2088/expat_2_1_0_CVE-2024-28757

View Code ZIP pw:eip

This repository contains the source code and documentation for Expat 2.1.0, including a port for AmigaOS. It does not include an exploit PoC for CVE-2024-28757 but rather the vulnerable software itself.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Expat 2.1.0

No auth needed

Prerequisites: Access to the vulnerable Expat library

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WRITEUP

by RenukaSelvar · poc

https://github.com/RenukaSelvar/expat_CVE-2024-28757

View Code ZIP pw:eip

This repository appears to be a fork or snapshot of the Expat library (version 2.2.6) with no explicit exploit code or PoC for CVE-2024-28757. It includes standard library files, build scripts, and documentation but lacks any offensive security techniques or vulnerability demonstrations.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Expat (libexpat) 2.2.6

No auth needed

Prerequisites: None

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10

Core References

Exploit, Issue Tracking, Patch

https://github.com/libexpat/libexpat/issues/839

Issue Tracking, Patch

https://github.com/libexpat/libexpat/pull/842

Third Party Advisory

https://security.netapp.com/advisory/ntap-20240322-0001/

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/

Mailing List vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/

Mailing List vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/

Mailing List vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/

Mailing List, Patch, Release Notes mailing-list

http://www.openwall.com/lists/oss-security/2024/03/15/1

Scores

CVSS v3 7.5

EPSS 0.0201

EPSS Percentile 78.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-776

Status published

Products (16)

fedoraproject/fedora 38

fedoraproject/fedora 39

fedoraproject/fedora 40

libexpat_project/libexpat < 2.6.2

netapp/active_iq_unified_manager

netapp/h300s_firmware

netapp/h410c_firmware

netapp/h410s_firmware

netapp/h500s_firmware

netapp/h610c_firmware

... and 6 more

Published Mar 10, 2024

Tracked Since Feb 18, 2026