CVE-2024-42599

Name of the Vulnerable Software and Affected Versions SeaCMS version 13.0

Description The issue is related to a remote code execution vulnerability. Although the admin files.php file imposes restrictions on edited files, attackers can bypass these restrictions and write code. This allows authenticated attackers to exploit the vulnerability, execute arbitrary commands, and gain system privileges.

Recommendations For SeaCMS version 13.0, consider disabling the editing functionality in admin files.php as a temporary workaround until a patch is available. Restrict access to the admin files.php file to minimize the risk of exploitation.