Unrated severityNVD Advisory· Published Jan 14, 2025· Updated Jan 23, 2025

CVE-2024-48760

Description

An issue in GestioIP v3.5.7 allows a remote attacker to execute arbitrary code via the file upload function. The attacker can upload a malicious perlcmd.cgi file that overwrites the original upload.cgi file, enabling remote command execution.

Affected products

GestioIP/GestioIPdescription

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.gestioip.net/index.htmlmitre
github.com/maxibelino/CVEs/tree/main/CVE-2024-48760mitre

News mentions

Metasploit Wrap-Up 05/15/2026
Rapid7 Blog · May 15, 2026

cvss	0.000
epss	0.053
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000