CVERadar

CVE-2024-25600

Critical Severity
SVRS
70/100

CVSSv3
NA/10

EPSS
0.93635/1

CVE-2024-25600 is a code injection vulnerability (CWE-94) in Bricks Builder, the WordPress theme from Codeer Limited, affecting versions up to and including 1.9.6. An unauthenticated attacker can submit PHP code that the server executes, which amounts to remote code execution on any site running a vulnerable version. This feed records no CVSSv3 score (shown as NA) and an SVRS of 70, but the missing base score must not be read as low risk: the flaw is exploited in the wild, public exploit code and a Nuclei scanner template exist (see Exploits below), and the EPSS of roughly 0.94 corresponds to a 94% estimated probability of exploitation activity within 30 days. Successful exploitation runs arbitrary code as the web server user, so an attacker can read wp-config.php and the database credentials in it, modify site content, plant backdoors, and pivot to the rest of the host. Site owners should update Bricks to 1.9.6.1 or later (the patched release) immediately and, because exploitation began before many sites patched, check existing installs for signs of compromise rather than assuming the update alone is enough.
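As an added example (not code from CVE Radar, SOCRadar or the Bricks project), the following Python script does the version triage the advisory calls for: WordPress themes declare their version in a "Version:" line of style.css, so a filesystem scan of wp-content/themes is enough to find installs at or below 1.9.6 on hosts you administer. The patched release used for the advice text is 1.9.6.1; the directory layout, the assumption that the parent theme is named "Bricks", and the sample style.css files are constructed for the demo.

```python
"""Added example (not from CVE Radar/SOCRadar or the Bricks project):
flag WordPress installs running Bricks at or below 1.9.6, the affected
range for CVE-2024-25600.  WordPress themes declare their version in a
"Version:" line of style.css, so a filesystem scan is enough to triage
hosts you administer.  Paths, theme names and sample style.css contents
below are constructed for the demo."""
import re
import tempfile
from pathlib import Path

LAST_VULNERABLE = "1.9.6"    # advisory: affected up to and including 1.9.6
FIXED_IN = "1.9.6.1"         # first patched release

HEADER_RE = re.compile(r"^\s*(Theme Name|Version):\s*(.+?)\s*$", re.M)


def parse_version(text: str) -> tuple[int, ...]:
    """'1.9.6.1' -> (1, 9, 6, 1).  Numeric tuples matter: a plain string
    compare ranks '1.10.0' below '1.9.6' and would wrongly flag it."""
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"no numeric version in {text!r}")
    return tuple(int(p) for p in parts)


def is_vulnerable(version: str) -> bool:
    """True for any Bricks version <= 1.9.6.  Zero-pads so that 1.9.6.1
    (the fix) compares greater than 1.9.6 instead of being truncated."""
    v, last = parse_version(version), parse_version(LAST_VULNERABLE)
    width = max(len(v), len(last))

    def pad(t: tuple[int, ...]) -> tuple[int, ...]:
        return t + (0,) * (width - len(t))

    return pad(v) <= pad(last)


def read_theme_header(style_css: Path) -> dict[str, str]:
    """Pull 'Theme Name' and 'Version' out of the comment block that opens style.css."""
    head = style_css.read_text(errors="replace")[:4096]   # header is in the first few lines
    return dict(HEADER_RE.findall(head))


def scan_themes(themes_dir: Path) -> list[tuple[str, str, bool]]:
    """(theme name, version, vulnerable?) for each Bricks parent theme under themes_dir.
    Child themes are skipped on purpose: the code that matters lives in the parent.
    A missing Version header is treated as vulnerable (fail closed)."""
    findings = []
    for css in sorted(themes_dir.glob("*/style.css")):
        hdr = read_theme_header(css)
        if hdr.get("Theme Name", "").strip().lower() != "bricks":   # assumption: parent theme is named "Bricks"
            continue
        version = hdr.get("Version", "0")
        findings.append((hdr["Theme Name"], version, is_vulnerable(version)))
    return findings


# Constructed sample tree: directory -> (Theme Name, Version)
SAMPLE_THEMES = {
    "bricks": ("Bricks", "1.9.6"),              # affected
    "bricks-staging": ("Bricks", "1.9.6.1"),    # patched
    "bricks-child": ("Bricks Child", "1.0"),    # child theme: the parent's version decides
    "twentytwentyfour": ("Twenty Twenty-Four", "1.0"),
}


def demo() -> list[tuple[str, str, bool]]:
    """Write the constructed tree into a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        themes = Path(tmp) / "wp-content" / "themes"
        for folder, (name, version) in SAMPLE_THEMES.items():
            (themes / folder).mkdir(parents=True)
            (themes / folder / "style.css").write_text(
                f"/*\nTheme Name: {name}\nTheme URI: https://example.invalid/\nVersion: {version}\n*/\n"
            )
        return scan_themes(themes)


if __name__ == "__main__":
    for name, version, vulnerable in demo():
        status = f"VULNERABLE, update to {FIXED_IN} or later" if vulnerable else "patched"
        print(f"{name} {version}: {status}")
```

Point `scan_themes()` at a real wp-content/themes directory to use it outside the demo. The version comparison is the part worth copying: a lexical compare would both miss 1.9.6.1 as patched and mis-flag a future 1.10.x release.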

In The Wild
Exploit Available
2024-06-04

SOCRadar AI Insight

Description

CVE-2024-25600 carries no CVSSv3 score in this feed (shown as NA), which on its own would suggest the entry could be deprioritised. SOCRadar's Vulnerability Risk Score (SVRS) instead places it at 70 out of 100, because the SVRS folds in vulnerability-intelligence signals that a base score does not: social media and news coverage, exploit code in public code repositories, dark and deep web chatter, and associations with threat actors and malware. For this CVE those signals are strong: it is flagged as exploited in the wild and exploit code is publicly available.

Key Insights

  • Missing CVSS but high SVRS: the absence of a base score in this feed says nothing about impact. The vulnerability is unauthenticated remote code execution, and the SVRS of 70 reflects the exploitation signals around it rather than a technical re-rating.
  • Public exploit code: seven GitHub repositories, including a Nuclei template, are listed under Exploits below, so exploitation requires no skill beyond running a script against a list of hosts.
  • Exploited in the wild: the BleepingComputer report listed under News (2024-02-19) describes active exploitation against unpatched sites, which is why an unpatched Bricks install should be treated as potentially compromised, not merely at risk.

Mitigation Strategies

  • Patch: update Bricks to 1.9.6.1 or later on every site; the social-media posts below recommend 1.9.7 or later, which also contains the fix. Check the parent theme's version, since a child theme inherits the vulnerable code from the parent.
  • Virtual patching: for sites that cannot be updated immediately, front them with a WAF that has a rule for this CVE, and keep the rule in place until the theme is updated; a WAF is a stopgap, not a fix.
  • Assume compromise on sites that were unpatched while exploitation was active: review them for unexpected PHP files, modified theme and plugin files, new administrator accounts and scheduled tasks, and rotate the database and API credentials stored in wp-config.php.
  • Inventory and prioritise: list every WordPress site running Bricks with its version, and rank remediation by exposure (internet-facing sites first) and by the data and credentials the host holds.

Additional Information

If you have any further questions regarding this CVE, you can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title | Software Link | Date
X-Projetion/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE | https://github.com/X-Projetion/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE | 2024-04-20
0bl1v10nf0rg0773n/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress | https://github.com/0bl1v10nf0rg0773n/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress | 2024-04-17
cboss43/CVE-2024-25600 | https://github.com/cboss43/CVE-2024-25600 | 2025-04-03
Christbowel/CVE-2024-25600_Nuclei-Template | https://github.com/Christbowel/CVE-2024-25600_Nuclei-Template | 2024-02-21
meli0dasH4ck3r/cve-2024-25600 | https://github.com/meli0dasH4ck3r/cve-2024-25600 | 2025-04-04
ivanbg2004/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress | https://github.com/ivanbg2004/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress | 2024-06-02
K3ysTr0K3R/CVE-2024-25600-EXPLOIT | https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT | 2024-03-01

News

CVE-2024-25600 | Bricks Plugin up to 1.9.6 on WordPress improper authentication
vuldb.com, 2024-06-04
A vulnerability classified as critical was found in Bricks Plugin up to 1.9.6 on WordPress. This vulnerability affects unknown code. The manipulation leads to improper authentication. This vulnerability was named CVE-2024-25600. The attack can be initiated remotely. There is no exploit available.

Hackers exploit critical RCE flaw in Bricks WordPress site builder - BleepingComputer
2024-02-19
By Bill Toulas 12:55 PM. Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites. The Bricks Builder Theme is a premium WordPress theme described as an innovative, community-driven visual site builder. With around 25,000 active installations, the product promotes user friendliness and customization in website design. On February 10, a researcher named 'snicco' discovered a vulnerability currently tracked as CVE-2024-25600 that impacts the Brick Builder Theme installed

Social Media

  • [ Tool ] - Mass CVE-2024-25600 🚨 Bricks <= 1.9.6 💚 https://t.co/N1fU0rNrbL
  • 🚨 Hackers are abusing WordPress mu-plugins a hidden auto-run directory to inject malware, hijack links, and redirect users to scam sites. Also, add these to the list of 2024's major WordPress threats: CVE-2024-27956 | SQL injection CVE-2024-25600 | RCE in Bricks theme https://t.co/CjJGy9UJ1k
  • 📌 These vulnerabilities are being exploited: 🔹 CVE-2024-27956 – SQL Injection in WordPress Automatic Plugin 🛑 🔹 CVE-2024-25600 – RCE in Bricks Theme 🚧 🔹 CVE-2024-8353 – PHP Object Injection in GiveWP 🚨 🔹 CVE-2024-4345 – Arbitrary File Upload in Startklar Elementor
  • @rkreddyp @TheHackersNews CVE-2024-27956: Update WordPress Automatic plugin to v3.92.1+. Risks: SQL Injection. Mitigation: Input validation, WAF. CVE-2024-25600: Upgrade Bricks Builder theme to v1.9.7+. RCE risk. Mitigation: Input sanitization, WAF.
  • GitHub - so1icitx/CVE-2024-25600: CVE-2024-25600 exploit (python 3) https://t.co/Jl56Y0UZ1q
  • 🚨 CVE-2024-25600 RCE vulnerability in Bricks Builder 1.9.6. Attackers can execute remote code, compromising WordPress sites. 🔧 Update now! More info: https://t.co/jryr7w4nPS #CyberSecurity #RCE #CVE2024 #WordPressSecurity
  • CVE-2024-25600: Unauth. RCE vulnerability caused by PHP code injection in Bricks Builder, a WordPress site builder with over 25,000+ active installations. Severity: Critical (CVSS 9.8) Root cause analysis: https://t.co/KBUnXjnXHf PoC: https://t.co/2CX8VN17dF #hackers https://t.co/PrRPnvXk7z

Affected Software

No affected software found for this CVE

References

Reference | Link
[email protected] | https://github.com/Chocapikk/CVE-2024-25600
[email protected] | https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT
[email protected] | https://patchstack.com/articles/critical-rce-patched-in-bricks-builder-theme?_s_id=cve
[email protected] | https://patchstack.com/database/vulnerability/bricks/wordpress-bricks-theme-1-9-6-unauthenticated-remote-code-execution-rce-vulnerability?_s_id=cve
[email protected] | https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6
GITHUB | https://github.com/Chocapikk/CVE-2024-25600
GITHUB | https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT
GITHUB | https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6

CWE Details

CWE ID | CWE Name | Description
CWE-94 | Improper Control of Generation of Code ('Code Injection') | The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
