CVE-2024-58295 HIGH

CVE-2024-58295: ElkArte Forum 1.1.9 Authenticated Remote Code Execution via Theme Upload

Vendor Elkarte
Product ElkArte Forum
Weakness CWE-434 · Unrestricted file upload
Published December 11, 2025
Last update December 16, 2025

CVSS base score

8.6/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01 Description

ElkArte Forum 1.1.9 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the theme installation process. Attackers can upload a ZIP archive with a PHP file containing system commands, which can then be executed by accessing the uploaded file in the theme directory.
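
An added example, not part of the CVE record or of ElkArte's code: a pre-installation check that a reviewer can run over a theme ZIP to list PHP entries that call command-execution functions, along with entries whose paths leave the extraction directory. The function names, the extension list, the size limit and the sample archive are assumptions constructed for illustration.

```python
import io
import re
import zipfile

# Assumption: extensions the hosting web server hands to the PHP interpreter.
PHP_EXTS = (".php", ".phtml", ".phar")
# PHP functions that run OS commands or evaluate a string as code.
RISKY_CALL = re.compile(
    rb"\b(system|exec|shell_exec|passthru|popen|proc_open|eval)\s*\(", re.I)
MAX_SCAN_BYTES = 2 * 1024 * 1024  # do not inflate oversized entries

def audit_theme_archive(data: bytes) -> list[tuple[str, str]]:
    """Return (entry name, reason) findings for a theme ZIP passed as bytes."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            parts = name.replace("\\", "/").split("/")
            if parts[0] == "" or ".." in parts:
                findings.append((name, "path escapes the extraction directory"))
                continue
            # Match shell.php and double extensions such as shell.php.jpg.
            lower = parts[-1].lower() + "."
            if not any(ext + "." in lower for ext in PHP_EXTS):
                continue
            if info.file_size > MAX_SCAN_BYTES:
                findings.append((name, "PHP entry too large to scan"))
                continue
            hit = RISKY_CALL.search(zf.read(info))
            if hit:
                findings.append((name, "calls " + hit.group(1).decode() + "()"))
    return findings

def build_sample() -> bytes:
    """Constructed sample archive: two harmless files and one that runs a command."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("demo/index.template.php", "<?php echo 'hello'; ?>")
        zf.writestr("demo/css/style.css", "body { margin: 0 }")
        zf.writestr("demo/helper.php", "<?php system('id'); ?>")
    return buf.getvalue()

if __name__ == "__main__":
    for entry, reason in audit_theme_archive(build_sample()):
        print(f"{entry}: {reason}")
```

The pattern match is a triage heuristic: an empty result does not show that an archive is safe, because obfuscated code will not match it.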

Key dates

02 Disclosure timeline

December 11, 2025 CVE published
December 16, 2025 Record updated