CVE-2024-50480 in Marketing Automation Plugininfo

Summary

by MITRE • 10/29/2024

Unrestricted Upload of File with Dangerous Type vulnerability in azexo Marketing Automation by AZEXO marketing-automation-by-azexo allows Upload a Web Shell to a Web Server.This issue affects Marketing Automation by AZEXO: from n/a through <= 1.27.80.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 04/07/2026

The vulnerability CVE-2024-50480 represents a critical unrestricted file upload flaw within the azexo Marketing Automation platform, specifically impacting versions prior to and including 1.27.80. This weakness falls under the category of CWE-434, which describes unrestricted upload of files with dangerous type, a common yet devastating vulnerability that allows attackers to bypass file validation mechanisms and upload malicious content to web servers. The vulnerability exists in the file upload functionality of the marketing automation system, where proper input sanitization and file type validation are absent or insufficiently implemented.

The technical exploitation of this vulnerability enables an attacker to upload web shells or other malicious files to the target web server, effectively providing remote code execution capabilities. This occurs because the application fails to properly validate file extensions, MIME types, or file contents before storing uploaded files on the server. When users upload files through the marketing automation interface, the system does not adequately verify that the uploaded content matches the expected file types or that it contains malicious code. The absence of proper file type restrictions allows attackers to upload executable scripts, web shells, or other dangerous file types that can be executed by the web server.

The operational impact of this vulnerability is severe and far-reaching for organizations using the affected azexo Marketing Automation platform. Successful exploitation can lead to complete compromise of the web server, allowing attackers to execute arbitrary commands, access sensitive data, establish persistent backdoors, and potentially escalate privileges within the network. The vulnerability creates an attack surface that can be leveraged for data exfiltration, lateral movement, and establishment of command and control channels. Organizations may face regulatory compliance violations, data breaches, and significant financial losses due to the potential for widespread system compromise.

Security professionals should immediately implement mitigations including updating to the latest version of the marketing automation software where this vulnerability has been patched. Additionally, implementing proper file validation mechanisms, restricting file upload directories, and configuring web server security measures such as disabling script execution in upload directories can help prevent exploitation. The vulnerability aligns with ATT&CK technique T1190, which involves exploiting vulnerabilities in web applications to establish persistence and execute malicious code. Organizations should also conduct thorough security assessments of their marketing automation systems and implement network segmentation to limit potential damage from successful exploitation attempts.

Responsible

Patchstack

Reservation

10/24/2024

Disclosure

10/29/2024

Moderation

accepted

CPE

ready

EPSS

0.00478

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!