CVE-2024-7074 MEDIUM

CVE-2024-7074: Authenticated Arbitrary File Upload in Multiple WSO2 Products via SOAP Admin Service Leading to Remote Code Execution

Vendor WSO2
Product WSO2 Enterprise Integrator
Weakness CWE-434 · Unrestricted file upload
Published June 2, 2025
Last update June 2, 2025

CVSS base score

6.8/10
Attack vector Adjacent
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

Description

An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location on the server. By leveraging this vulnerability, an attacker could upload a specially crafted payload, potentially achieving remote code execution (RCE) on the server. Exploitation requires valid admin credentials, limiting its impact to authorized but potentially malicious users.

Key dates

Disclosure timeline

June 2, 2025 CVE published
June 2, 2025 Record updated