CVE-2024-57727

HIGH KEV RANSOMWARE NUCLEI

SimpleHelp Path Traversal Vulnerability CVE-2024-57727

Title source: metasploit

Description

SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing various secrets and hashed user passwords.

Exploits (3)

github WORKING POC 40 stars
by iSee857 · python poc
https://github.com/iSee857/CVE-PoC/tree/main/SimpleHelp(CVE-2024-57727).py

nomisec WORKING POC 14 stars
by imjdl · infoleak
https://github.com/imjdl/CVE-2024-57727

metasploit WORKING POC
by horizon3ai, imjdl, jheysel-r7 · ruby poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/simplehelp_toolbox_path_traversal.rb

Nuclei Templates (1)

SimpleHelp <= 5.5.7 - Unauthenticated Path Traversal
HIGH VERIFIED by iamnoooob, rootxharsh, pdresearch, 3th1cyuk1
Shodan: html:"SimpleHelp"

Scores

CVSS v3 7.5
EPSS 0.9396
EPSS Percentile 99.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitation Intel

CISA KEV 2025-02-13
VulnCheck KEV 2025-01-31
ENISA EUVD EUVD-2024-53725
Ransomware Use Confirmed

Classification

CWE CWE-22
Status published

Affected Products (1)

simple-help/simplehelp < 5.5.8

Timeline

Published Jan 15, 2025
KEV Added Feb 13, 2025
Tracked Since Feb 18, 2026