ProjectSend.CVE-2024-11680.Authentication.Bypass

Description

This indicates an attempt to exploit an Authentication Bypass vulnerability in ProjectSend.
The vulnerability is due to improper authorization checks, where certain PHP pages execute privileged actions before verifying user authentication and permissions. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted requests to the target server. Successful exploitation could lead to unauthorized account creation, arbitrary file uploads, and remote code execution on the server.

Affected Products

ProjectSend versions prior to r1720

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the website.
https://github.com/projectsend/projectsend/commit/193367d937b1a59ed5b68dd4e60bd53317473744

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date        Version  Status    Detail
2025-04-07  31.984   Modified  Sig Added
2024-12-30  29.928   Modified  Default_action:pass:drop
2024-12-05  29.916   New