CVE-2024-58278

HIGH

perl2exe < V30.10C - RCE

Title source: llm

Description

perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized access.

Exploits (1)

exploitdb WORKING POC

by decrazyo · textremotemultiple

https://www.exploit-db.com/exploits/51825

View Code ZIP pw:eip

References (4)

[Various Sources] https://www.indigostar.com/

[Various Sources] https://www.indigostar.com/download/p2x-30.10-Linux-x64-5.30.1.tar.gz

[Third Party Advisory] https://www.vulncheck.com/advisories/indigostar-software-perl2exe-v3010c-arbitrary-code-execution

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/51825

Scores

CVSS v4 8.5

EPSS 0.0004

EPSS Percentile 12.6%

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Details

CWE

CWE-78

Status published

Products (1)

IndigoSTAR Software/perl2exe < V30.10C

Published Dec 04, 2025

Tracked Since Feb 18, 2026