CVE-2024-49380 Scanner - OS Command Injection vulnerability in Plenti
Short Info
Level: Critical
Scan type: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 15 days 7 hours
Scan only one: Domain, IPv4, Subdomain
Plenti is a widely used static site generator known for its efficiency in building and serving websites. It is used by developers and organizations to create static websites with ease, ensuring speed and reliability for web applications.
The OS Command Injection vulnerability occurs in the `/postLocal` endpoint of Plenti, allowing malicious actors to execute arbitrary system commands. This poses significant risks, particularly in environments where Plenti is used to serve websites dynamically.
The vulnerability stems from an insecure file-writing mechanism in the `/postLocal` endpoint, which lets attackers write arbitrary files. The affected `File` parameter can be manipulated to introduce system-level commands, leading to remote code execution.
If exploited, this vulnerability can result in full system compromise. Attackers may gain unauthorized access to critical resources, exfiltrate sensitive data, and even disable services.
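The class of fix for an arbitrary file write like the one described above is to confine every client-supplied file name to a fixed write root before touching the disk. The following is an added example, not Plenti's code or its actual patch; the function name `ResolveWritePath`, the root directory `site` and the sample file names are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned when a requested path would land outside the write root.
var ErrOutsideRoot = errors.New("requested file escapes the allowed write root")

// ResolveWritePath (hypothetical helper) maps a client-supplied file name onto
// root and refuses anything that resolves outside it: absolute paths and ".."
// traversal, with either separator style.
func ResolveWritePath(root, requested string) (string, error) {
	if requested == "" || strings.ContainsRune(requested, 0) {
		return "", errors.New("empty or malformed file name")
	}
	// Normalise backslashes so "..\x" is treated as traversal on every platform.
	requested = strings.ReplaceAll(requested, "\\", "/")
	if filepath.IsAbs(requested) || strings.HasPrefix(requested, "/") {
		return "", ErrOutsideRoot
	}
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	// Join cleans the result, collapsing any "a/../.." sequences.
	candidate := filepath.Join(absRoot, filepath.FromSlash(requested))
	rel, err := filepath.Rel(absRoot, candidate)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRoot
	}
	if rel == "." {
		return "", errors.New("file name resolves to the root directory itself")
	}
	return candidate, nil
}

func main() {
	// Constructed sample inputs: one legitimate name and three that must be refused.
	for _, f := range []string{"content/index.json", "../../etc/cron.d/job", "/etc/passwd", "content/../../x"} {
		p, err := ResolveWritePath("site", f)
		fmt.Printf("%-26q -> %q, err=%v\n", f, p, err)
	}
}
```

The check is purely lexical, so it does not resolve symlinks that already exist inside the root; a handler that must tolerate those should also evaluate the parent directory with `filepath.EvalSymlinks` before writing.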