Unrated severityNVD Advisory· Published Jan 14, 2025· Updated Jan 23, 2025
CVE-2024-48760
CVE-2024-48760
Description
An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites the original upload.cgi file, enabling remote command execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2News mentions
1- Metasploit Wrap-Up 05/15/2026Rapid7 Blog · May 15, 2026