{"id":"CVE-2024-47823","summary":"Livewire Remote Code Execution (RCE) on File Uploads","details":"Livewire is a full-stack framework for Laravel that allows for dynamic UI components without leaving PHP. In livewire/livewire prior to `2.12.7` and `v3.5.2`, the file extension of an uploaded file is guessed based on the MIME type. As a result, the actual file extension from the file name is not validated. An attacker can therefore bypass the validation by uploading a file with a valid MIME type (e.g., `image/png`) and a “.php” file extension. If the following criteria are met, the attacker can carry out an RCE attack: 1. Filename is composed of the original file name using `$file-\u003egetClientOriginalName()`. 2. Files stored directly on your server in a public storage disk. 3. Webserver is configured to execute “.php” files. This issue has been addressed in release versions `2.12.7` and `3.5.2`. All users are advised to upgrade. There are no known workarounds for this vulnerability.","aliases":["GHSA-f3cx-396f-7jqp"],"modified":"2026-04-10T05:17:31.049406Z","published":"2024-10-08T17:48:36.496Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47823.json","cna_assigner":"GitHub_M","cwe_ids":["CWE-20"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47823.json"},{"type":"ADVISORY","url":"https://github.com/livewire/livewire/security/advisories/GHSA-f3cx-396f-7jqp"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47823"},{"type":"FIX","url":"https://github.com/livewire/livewire/commit/70503b79f5db75a1eac9bf55826038a6ee5a16d5"},{"type":"FIX","url":"https://github.com/livewire/livewire/commit/cd168c6212ea13d13b82b3132485741f82d9fad9"},{"type":"FIX","url":"https://github.com/livewire/livewire/pull/8624"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/livewire/livewire","events":[{"introduced":"ea97977ac080fff70f0a35280bdb7322c246345e"},{"fixed":"636725c1f87bc7844dd80277488268db27eec1aa"}],"database_specific":{"versions":[{"introduced":"3.0.0-beta.1"},{"fixed":"3.5.2"}]}},{"type":"GIT","repo":"https://github.com/livewire/livewire","events":[{"introduced":"0"},{"fixed":"cd168c6212ea13d13b82b3132485741f82d9fad9"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.12.7"}]}}],"versions":["1.3.0","2.5.0","v.0.3.11","v0.0.1","v0.0.10","v0.0.11","v0.0.13","v0.0.14","v0.0.15","v0.0.2","v0.0.3","v0.0.4","v0.0.5","v0.0.6","v0.0.7","v0.0.8","v0.0.9","v0.1","v0.1.1","v0.1.2","v0.1.3","v0.1.4","v0.1.5","v0.1.6","v0.2.0","v0.2.1","v0.2.10","v0.2.2","v0.2.3","v0.2.4","v0.2.5","v0.2.6","v0.2.7","v0.2.8","v0.2.9","v0.3.0","v0.3.1","v0.3.10","v0.3.12","v0.3.13","v0.3.14","v0.3.15","v0.3.16","v0.3.17","v0.3.18","v0.3.19","v0.3.2","v0.3.20","v0.3.21","v0.3.4","v0.3.5","v0.3.6","v0.3.7","v0.3.9","v0.4.0","v0.5.0","v0.5.1","v0.5.2","v0.5.3","v0.6.0","v0.7.0","v0.7.1","v0.7.2","v0.7.3","v0.7.4","v1.0.0","v1.0.1","v1.0.10","v1.0.13","v1.0.14","v1.0.2","v1.0.3","v1.0.4","v1.0.5","v1.0.6","v1.0.7","v1.0.8","v1.0.9","v1.1.0","v1.2.0","v2.0.0","v2.0.1","v2.0.2","v2.0.3","v2.0.4","v2.1.0","v2.1.1","v2.1.2","v2.1.3","v2.1.4","v2.10.0","v2.10.1","v2.10.2","v2.10.3","v2.10.4","v2.10.5","v2.10.6","v2.10.7","v2.10.8","v2.11.0","v2.11.1","v2.11.2","v2.11.3","v2.12.0","v2.12.1","v2.12.2","v2.12.3","v2.12.4","v2.12.5","v2.12.6","v2.2.0","v2.2.1","v2.2.2","v2.2.3","v2.2.4","v2.2.5","v2.2.6","v2.2.7","v2.2.8","v2.2.9","v2.3.0","v2.3.10","v2.3.11","v2.3.12","v2.3.13","v2.3.14","v2.3.15","v2.3.16","v2.3.17","v2.3.18","v2.3.2","v2.3.3","v2.3.4","v2.3.5","v2.3.6","v2.3.7","v2.3.8","v2.3.9","v2.4.0","v2.4.3","v2.4.4","v2.5.2","v2.5.3","v2.5.4","v2.5.5","v2.6.0","v2.6.1","v2.6.2","v2.6.3","v2.6.4","v2.6.5","v2.6.6","v2.6.7","v2.7.0","v2.7.1","v2.7.2","v2.8.0","v2.8.1","v2.8.2","v2.9.0","v3.0.0","v3.0.0-beta.1","v3.0.0-beta.2","v3.0.0-beta.3","v3.0.0-beta.4","v3.0.0-beta.5","v3.0.0-beta.8","v3.0.1","v3.0.10","v3.0.2","v3.0.3","v3.0.4","v3.0.5","v3.0.6","v3.0.7","v3.0.8","v3.0.9","v3.1.0","v3.2.0","v3.2.1","v3.2.2","v3.2.3","v3.2.4","v3.2.5","v3.2.6","v3.3.0","v3.3.1","v3.3.2","v3.3.3","v3.3.4","v3.3.5","v3.4.0","v3.4.1","v3.4.10","v3.4.11","v3.4.12","v3.4.2","v3.4.3","v3.4.4","v3.4.5","v3.4.6","v3.4.7","v3.4.8","v3.4.9","v3.5.0","v3.5.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47823.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}]}