CVE-2024-29185
CVSS 3.1 Score 9.0 of 10 (critical; CVSS 3.1 rates 9.0 to 10.0 as Critical)
Details
Summary
CVE-2024-29185 is an OS command injection vulnerability in FreeScout, the self-hosted help desk and shared mailbox application. Versions prior to 1.8.128 are affected through the /public/tools.php script, which passes the attacker-controlled php_path parameter to shell_exec without validation. An attacker who can reach the script can therefore run arbitrary OS commands as the web server user and fully compromise the host running FreeScout; the original report demonstrated this by reading /etc/passwd. The attack requires the application's `App_Key`, which is why the CVSS vector rates attack complexity as high, but possession of the key is the only barrier: the parameter itself is never checked. The issue is fixed in FreeScout 1.8.128.
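The following is an added illustration of the bug class described above, not FreeScout's own tools.php: the function names, the interpreter allowlist, the `artisan --version` command and the sample inputs are all assumptions made for the demo. It shows how an unvalidated php_path reaches the shell, and how an allowlist plus escapeshellarg() closes the hole even when the caller already holds the App_Key.

```php
<?php
// Illustrative reconstruction of the CVE-2024-29185 pattern (assumed, not FreeScout code).
declare(strict_types=1);

// Vulnerable pattern: php_path is spliced straight into a shell command line.
// Equivalent to shell_exec($php_path . ' artisan --version'); not executed here.
function build_command_vulnerable(string $php_path): string
{
    return $php_path . ' artisan --version';
}

// Hardened: only a known interpreter path is accepted, and it must really be an executable.
function validate_php_path(string $php_path, array $allowed): string
{
    if (!in_array($php_path, $allowed, true)) {
        throw new InvalidArgumentException('php_path is not an allowed interpreter');
    }
    if (!is_file($php_path) || !is_executable($php_path)) {
        throw new InvalidArgumentException('php_path does not point at an executable');
    }
    return $php_path;
}

// escapeshellarg() makes any shell metacharacters inert even if the allowlist is later widened.
function build_command_hardened(string $php_path, array $allowed): string
{
    return escapeshellarg(validate_php_path($php_path, $allowed)) . ' artisan --version';
}

// The App_Key gate is a precondition, not a substitute for validating php_path.
// Compare in constant time; a loose == comparison would be both type-juggled and timing-leaky.
function app_key_matches(string $expected, string $supplied): bool
{
    return $expected !== '' && hash_equals($expected, $supplied);
}

// Constructed demo inputs (assumptions, not from any real request).
$attacker_php_path = '/usr/bin/php; cat /etc/passwd #';
$allowed           = [PHP_BINARY]; // the interpreter running this script

// The shell would treat ';' as a command separator and run cat before '#' comments out the rest.
echo 'vulnerable command line: ', build_command_vulnerable($attacker_php_path), PHP_EOL;

try {
    build_command_hardened($attacker_php_path, $allowed);
} catch (InvalidArgumentException $e) {
    echo 'hardened rejected input: ', $e->getMessage(), PHP_EOL;
}

echo 'hardened command line:   ', build_command_hardened(PHP_BINARY, $allowed), PHP_EOL;
echo 'app key check (wrong key): ', app_key_matches('base64:constructed-demo-key', 'x') ? 'pass' : 'fail', PHP_EOL;
```

Run it with `php demo.php`. The allowlist-plus-escapeshellarg() combination is the check a fix reviewer should look for: an App_Key comparison alone, as the advisory describes, still leaves any key holder (or anyone who finds the key in a leaked .env) one request away from command execution.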