CVE-2024-44570 in RELY-PCIe
Summary
by MITRE • 09/11/2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 04/28/2025
The vulnerability identified as CVE-2024-44570 affects RELY-PCIe software versions between v22.2.1 and v23.1.0, representing a critical code injection flaw that resides within the phpinf.php file's getParams function. This issue stems from insufficient input validation and sanitization mechanisms that allow malicious actors to inject arbitrary code into the system through carefully crafted parameters. The vulnerability specifically targets the parameter handling functionality that processes user-supplied inputs, creating an avenue for remote code execution when the application fails to properly validate or escape incoming data before processing.
The technical implementation of this vulnerability demonstrates a classic code injection weakness that aligns with CWE-94, which describes the improper execution of code due to insufficient input validation. The getParams function in phpinf.php appears to directly incorporate user-controllable parameters into system operations without adequate sanitization, enabling attackers to manipulate the application's behavior by injecting malicious payloads. This flaw operates at the application layer and leverages the PHP runtime environment's capabilities to execute arbitrary code, potentially allowing threat actors to gain full control over affected systems.
Operationally, this vulnerability poses significant risks to organizations utilizing RELY-PCIe software in their network infrastructure. Attackers could exploit this weakness to execute malicious commands on affected systems, potentially leading to complete system compromise, data exfiltration, or lateral movement within the network. The impact extends beyond individual system compromise as the vulnerability affects a range of software versions, suggesting a widespread potential attack surface. Security professionals must consider this vulnerability as part of the broader attack surface when evaluating network security postures and implementing defensive measures.
The exploitation of this vulnerability aligns with several tactics described in the MITRE ATT&CK framework, particularly those related to command and control operations and privilege escalation. Attackers could leverage this code injection capability to establish persistent access, deploy additional malicious tools, or conduct reconnaissance activities within the compromised environment. Organizations should implement immediate mitigations including software updates to versions beyond v23.1.0, input validation controls, and network segmentation to limit the potential impact. Additionally, monitoring for anomalous system behavior and implementing web application firewalls can help detect and prevent exploitation attempts. The vulnerability underscores the importance of regular security updates and proper input validation practices in preventing remote code execution attacks.