CVE-2024-52302

HIGH

common-user-management - Profile Picture Upload Remote Code Execution

Title source: manual
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2024-52302. PoCs published by d3sca, pream-totaram.

AI-analyzed exploit summary This exploit demonstrates an unrestricted file upload vulnerability in a Java Spring Boot application, allowing authenticated users to upload malicious files (e.g., .jsp, .php) leading to Remote Code Execution (RCE). The script automates login and file upload to the vulnerable endpoint.

Description

common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads without proper validation or restrictions, enabling attackers to upload malicious files that can lead to Remote Code Execution (RCE).

Exploits (3)

exploitdb WORKING POC
by d3sca · pythonwebappsjava
https://www.exploit-db.com/exploits/52206

This exploit demonstrates an unrestricted file upload vulnerability in a Java Spring Boot application, allowing authenticated users to upload malicious files (e.g., .jsp, .php) leading to Remote Code Execution (RCE). The script automates login and file upload to the vulnerable endpoint.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Java-springboot-codebase version 0.1
Auth required
Prerequisites: Valid credentials for authentication · Network access to the target application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 1 stars
by d3sca · poc
https://github.com/d3sca/CVE-2024-52302

This repository contains a functional exploit for CVE-2024-52302, an unrestricted file upload vulnerability in the Common-User-Management Spring Boot application. The exploit demonstrates how to authenticate and upload a malicious file to achieve Remote Code Execution (RCE).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Common-User-Management (Spring Boot application)
Auth required
Prerequisites: Valid credentials for a customer account · Network access to the target application · A malicious file (e.g., JSP, PHP) to upload
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by pream-totaram · poc
https://github.com/pream-totaram/CVE-2024-52302-reproduction

This repository contains a functional proof-of-concept for CVE-2024-52302, demonstrating an arbitrary file upload vulnerability in a Spring Boot application. The `CustomerController` allows unrestricted file uploads to `/tmp/`, which can lead to remote code execution if the uploaded file is executable.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Spring Boot application (version not specified)
No auth needed
Prerequisites: Access to the `/api/v1/customer/profile-picture` endpoint · Ability to send a POST request with a multipart file
devstral-2 · analyzed Apr 09, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v4 8.7
EPSS 0.0322
EPSS Percentile 86.6%
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-434
Status published
Products (1)
OsamaTaher/Java-springboot-codebase < 204402bb8b68030c14911379ddc82cfff00b8538
Published Nov 14, 2024
Tracked Since Feb 18, 2026