CVE-2024-40645

Public Exploit
FOG Authenticated File Upload RCE

Description

FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload feature allows authenticated users to execute arbitrary code on the fogproject server. The Rebranding feature has a check on the client banner image requiring it to be 650 pixels wide and 120 pixels high. Apart from that, there are no checks on things like file extensions. This can be abused by appending a PHP webshell to the end of the image and changing the extension to anything the PHP web server will parse. This vulnerability is fixed in 1.5.10.41.

Category

8.8
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.12%
Affected: FOGProject fogproject
Published at:
Updated at:

References

Link Tags
https://github.com/FOGProject/fogproject/security/advisories/GHSA-59mq-q8g5-2f4f exploit
https://github.com/FOGProject/fogproject/commit/9469606a18bf8887740cceed6593a2e0380b5e0c patch
https://github.com/FOGProject/fogproject/blob/a4bb1bf39ac53c3cbe623576915fbc3b5c80a00f/packages/web/lib/pages/fogconfigurationpage.class.php#L2860-L2896 product

Frequently Asked Questions

What is the severity of CVE-2024-40645?
CVE-2024-40645 has been scored as a high severity vulnerability.
How to fix CVE-2024-40645?
To fix CVE-2024-40645, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-40645 being actively exploited in the wild?
It is possible that CVE-2024-40645 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-40645?
CVE-2024-40645 affects FOGProject fogproject.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.