9.8
CRITICAL
CVE-2024-28000
LiteSpeed Technologies LiteSpeed Cache Privilege Escalation
Description

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from 1.9 through 6.3.0.1.

INFO

Published Date :

Aug. 21, 2024, 2:15 p.m.

Last Modified :

Aug. 21, 2024, 4:06 p.m.

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

3.9
Public PoC/Exploit Available at Github

CVE-2024-28000 has a 8 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2024-28000 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Litespeedtech litespeed_cache
References to Advisories, Solutions, and Tools

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

CVE-2024-28000 Exploit for litespeed-cache =<6.3 allows Privilege Escalation with creation of administrator account

Go

Updated: 1 month, 3 weeks ago
4 stars 2 fork 2 watcher
Born at : Sept. 10, 2024, 8:16 a.m. This repo has been linked 1 different CVEs too.

CVE-2024-28000 LiteSpeed Cache Privilege Escalation Scan&Exp

Python

Updated: 1 month, 3 weeks ago
1 stars 0 fork 0 watcher
Born at : Sept. 9, 2024, 6:19 a.m. This repo has been linked 1 different CVEs too.

PoC for the CVE-2024 Litespeed Cache Privilege Escalation

Python

Updated: 2 months ago
4 stars 0 fork 0 watcher
Born at : Aug. 27, 2024, 7:20 a.m. This repo has been linked 1 different CVEs too.

LiteSpeed Cache Privilege Escalation PoC - CVE-2024-28000

abdal ebrasha exploit poc wordpress cve-2024-28000 litespeed-cache-privilege privilege-escalation-poc

C#

Updated: 2 months ago
3 stars 0 fork 0 watcher
Born at : Aug. 25, 2024, 4:57 p.m. This repo has been linked 1 different CVEs too.

LiteSpeed Cache Privilege Escalation PoC

Python

Updated: 2 months ago
13 stars 5 fork 5 watcher
Born at : Aug. 24, 2024, 5:12 a.m. This repo has been linked 1 different CVEs too.

0Day CVE-2024-28000 Auto Exploiter on WordPress LiteSpeed Cache plugin

0day auto cve exploit hack rce shell wordpress

Updated: 2 months, 1 week ago
0 stars 0 fork 0 watcher
Born at : Aug. 23, 2024, 1:28 p.m. This repo has been linked 1 different CVEs too.

None

Updated: 2 months, 1 week ago
0 stars 0 fork 0 watcher
Born at : Aug. 22, 2024, 1:27 p.m. This repo has been linked 1 different CVEs too.

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

security cve exploit poc vulnerability

Updated: 1 month, 3 weeks ago
6375 stars 1107 fork 1107 watcher
Born at : Dec. 8, 2019, 1:03 p.m. This repo has been linked 904 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-28000 vulnerability anywhere in the article.

  • BleepingComputer
LiteSpeed Cache WordPress plugin bug lets hackers get admin access

The free version of the popular WordPress plugin LiteSpeed Cache has fixed a dangerous privilege elevation flaw on its latest release that could allow unauthenticated site visitors to gain admin right ... Read more

Published Date: Oct 31, 2024 (4 days, 5 hours ago)
  • The Hacker News
LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

Vulnerability / Website Security A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileg ... Read more

Published Date: Oct 31, 2024 (4 days, 11 hours ago)
  • Cybersecurity News
Over 6 Million Sites at Risk: Severe Privilege Escalation Flaw CVE-2024-50550 in LiteSpeed Cache Plugin

Rafie Muhammad, a Security Researcher at Patchstack, reveals a severe security vulnerability in the LiteSpeed Cache plugin—a popular WordPress caching plugin with over six million active installations ... Read more

Published Date: Oct 31, 2024 (4 days, 19 hours ago)
  • Cybersecurity News
Versa Networks Exposes Critical API Vulnerability in Versa Director (CVE-2024-45229)

Versa Networks has issued a security advisory regarding a vulnerability discovered in its Versa Director product, CVE-2024-45229. This vulnerability, which carries a CVSS score of 6.6, could potential ... Read more

Published Date: Sep 21, 2024 (1 month, 2 weeks ago)
  • Cybersecurity News
Sophisticated Cyber Espionage: Earth Baxia Uses CVE-2024-36401 and Cobalt Strike to Infiltrate APAC

Overview of the attack chain | Image: Trend MicroIn a recent report from Trend Micro, the cyber espionage group Earth Baxia has been identified targeting government organizations in Taiwan and potenti ... Read more

Published Date: Sep 19, 2024 (1 month, 2 weeks ago)
  • Cybersecurity News
Ajina.Banker: Unmasking the Android Malware Targeting Central Asian Banks

Screenshot of the sample found on the VirusTotal platformCybersecurity analysts at Group-IB have uncovered a sophisticated malware campaign targeting bank customers in Central Asia. Dubbed “Ajina.Bank ... Read more

Published Date: Sep 16, 2024 (1 month, 2 weeks ago)
  • Cybersecurity News
BadIIS Malware : 35+ IIS Servers Compromised in DragonRank Campaign

A recent report from Cisco Talos has exposed a new threat actor named DragonRank, a Chinese-speaking group specializing in SEO manipulation and cyberattacks. This group operates by exploiting vulnerab ... Read more

Published Date: Sep 15, 2024 (1 month, 2 weeks ago)
  • Cybersecurity News
Black Basta’s Evolving Tactics and the Rising Role of LLMs in Cyber Attack

On the latest episode of the Microsoft Threat Intelligence podcast, host Sherrod DeGrippo and her expert guests delved into the cutting-edge techniques employed by cybercriminal groups, with a particu ... Read more

Published Date: Sep 06, 2024 (1 month, 4 weeks ago)
  • Cybersecurity News
North Korea Targets DeFi and Crypto Companies with Advanced Social Engineering Attacks

Please enable JavaScriptThe FBI has warned sternly about North Korean state-sponsored hackers employing highly sophisticated social engineering tactics to infiltrate decentralized finance (DeFi) and c ... Read more

Published Date: Sep 05, 2024 (1 month, 4 weeks ago)
  • Cybersecurity News
CVE-2024-38106: 0-Day Windows Kernel Vulnerability Exploited in the Wild, PoC Published

Recently, security researcher Sergey Kornienko from PixiePoint Security published an analysis and proof-of-concept (PoC) exploit for a critical zero-day vulnerability in the Windows Kernel, identified ... Read more

Published Date: Sep 04, 2024 (2 months ago)
  • Cybersecurity News
Researcher Identifies ToddyCat-Inspired APT Attack Leveraging ICMP Backdoor and Microsoft Exchange Flaws

Image: KasperskyCybersecurity researchers at Kaspersky’s Global Emergency Response Team (GERT) have uncovered a sophisticated attack involving an ICMP backdoor, bearing striking similarities to the ta ... Read more

Published Date: Sep 04, 2024 (2 months ago)
  • Cybersecurity News
Google TAG Uncovers Watering Hole Attacks on Mongolian Government Websites

In a revealing report, Google’s Threat Analysis Group (TAG) has uncovered a series of sophisticated watering hole attacks targeting Mongolian government websites between November 2023 and July 2024. T ... Read more

Published Date: Aug 31, 2024 (2 months ago)
  • Cybersecurity News
ESET Uncovers Zero-Day Vulnerabilities in WPS Office, Exploited by APT-C-60

Overview of the exploit’s control flow | Image: ESETESET researchers have identified two severe vulnerabilities in WPS Office for Windows, widely exploited by the APT-C-60 cyberespionage group, which ... Read more

Published Date: Aug 28, 2024 (2 months, 1 week ago)
  • Cybersecurity News
Critical Flaw Discovered in Popular Python Library Pandas

Information Stealer Malware on the Rise: ACSC Issues Urgent Cybersecurity WarningThe Australian Cyber Security Centre (ACSC) has issued a warning about the escalating threat of information stealer mal ... Read more

Published Date: Aug 26, 2024 (2 months, 1 week ago)
  • security.nl
WordPress-sites aangevallen via kritiek lek in LiteSpeed Cache

Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in de plug-in LiteSpeed Cache voor het aanvallen van WordPress-sites, zo waarschuwt securitybedrijf Wordfence. Miljoenen websites hebben ... Read more

Published Date: Aug 23, 2024 (2 months, 1 week ago)
  • BleepingComputer
Hackers are exploiting critical bug in LiteSpeed Cache plugin

Hackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details become ... Read more

Published Date: Aug 22, 2024 (2 months, 1 week ago)
  • Cybersecurity News
CVE-2024-28000 in LiteSpeed Cache Plugin Actively Exploited: Over 30,000 Attacks Blocked in 24 Hours

A critical security vulnerability in the widely used LiteSpeed Cache plugin for WordPress has come under active exploitation, with over 30,000 attack attempts blocked in just the past 24 hours, accord ... Read more

Published Date: Aug 22, 2024 (2 months, 1 week ago)
  • The Hacker News
Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

Website Security / Vulnerability Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administr ... Read more

Published Date: Aug 22, 2024 (2 months, 1 week ago)
  • BleepingComputer
Litespeed Cache bug exposes millions of WordPress sites to takeover attacks

A critical vulnerability in the LiteSpeed Cache WordPress plugin can let attackers take over millions of websites after creating rogue admin accounts. LiteSpeed Cache is open-source and the most popul ... Read more

Published Date: Aug 21, 2024 (2 months, 2 weeks ago)
  • Cybersecurity News
CVE-2024-28000 (CVSS 9.8): Active Exploitation of Litespeed Cache Vulnerability, 5 Million WordPress Sites at Risk of Complete Takeover

A critical security vulnerability (CVE-2024-28000, CVSS 9.8) in the widely-used Litespeed Cache plugin for WordPress has been disclosed, leaving over 5 million websites at risk of complete takeover. T ... Read more

Published Date: Aug 21, 2024 (2 months, 2 weeks ago)
  • security.nl
Miljoenen WordPress-sites kwetsbaar door kritiek lek in LiteSpeed Cache

Miljoenen WordPress-sites lopen het risico om via een kritieke kwetsbaarheid in de plug-in LiteSpeed Cache door aanvallers te worden overgenomen. Een update is beschikbaar, maar een groot aantal websi ... Read more

Published Date: Aug 21, 2024 (2 months, 2 weeks ago)

The following table lists the changes that have been made to the CVE-2024-28000 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Aug. 21, 2024

    Action Type Old Value New Value
    Changed Description Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through 6.3.0.1. Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from 1.9 through 6.3.0.1.
  • CVE Received by [email protected]

    Aug. 21, 2024

    Action Type Old Value New Value
    Added Description Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through 6.3.0.1.
    Added Reference Patchstack https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-6-3-0-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve [No types assigned]
    Added Reference Patchstack https://patchstack.com/articles/critical-privilege-escalation-in-litespeed-cache-plugin-affecting-5-million-sites?_s_id=cve [No types assigned]
    Added CWE Patchstack CWE-266
    Added CVSS V3.1 Patchstack AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-28000 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-28000 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability