CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2024-14037

criticalCVSS 9.8covered by 1 sourcefirst seen 2026-07-02
Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution by uploading malicious files through the PtFjk.mob servlet endpoint. Attackers can submit a multipart POST request with a JSP webshell disguised using a spoofed image/jpeg Content-Type to bypass the absence of extension and MIME type validation, with the uploaded file stored at a predictable path under the uploadfile directory and executed directly by the web server. Exploitation evidence was first observed by the Shadowserver Foundation on 2024-11-03 (UTC).

⚡ Watch CVE-2024-14037

Get an email if CVE-2024-14037 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2024-14037

CVE.org record

Embed the live status

CVE-2024-14037 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2024-14037 status](https://www.csirts.com/badge/CVE-2024-14037)](https://www.csirts.com/cve/CVE-2024-14037)