In Mautic versions before 5.2.3 two critical security vulnerabilities CVE-2024-47051 were detected. These vulnerabilities allow authenticated users to execute remote code via asset upload by bypassing file extension restrictions and to delete arbitrary files through a path traversal flaw. To address this issues, users should upgrade Mautic to versions 5.2.3 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-47051.
Mautic: Critical RCE and Path Traversal Vulnerabilities
by the Hossted team
28.02.2025
28.02.2025