AI description
CVE-2024-58136 is a vulnerability in Yii 2, a PHP framework, affecting versions before 2.0.52. Yii 2 mishandles the attaching of a behavior that is defined by an `__class` array key. The flaw is a regression of a previously patched issue, CVE-2024-4990, and it allows attackers to manipulate the behavior of Yii 2 web applications. It stems from insufficient type and configuration checks in Yii's use of PHP's `__set()` magic method and the `Yii::createObject()` function, which can lead to the instantiation of arbitrary PHP classes with malicious arguments. The vulnerability was actively exploited in the wild between February and April 2025.
- Description: Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025.
- Source: cve@mitre.org
- NVD status: Modified
- Products: yii
CVSS 3.1
- Type: Primary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
Data from CISA
- Vulnerability name: Yiiframework Yii Improper Protection of Alternate Path Vulnerability
- Exploit added on: May 2, 2025
- Exploit action due: May 23, 2025
- Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- cve@mitre.org: CWE-424
- nvd@nist.gov: NVD-CWE-Other
- Hype score: Not currently trending
- 🚨 CVE-2024-58136 - critical 🚨 Yii2 PHP Framework < 2.0.52 - Remote Code Execution > Yii2 PHP Framework before 2.0.52 is vulnerable to remote code execution via improper ... 👾 https://t.co/716gqhAzQq @pdnuclei #NucleiTemplates #cve - @pdnuclei_bot - 22 Jul 2025 - 165 Impressions - 0 Retweets - 0 Likes - 1 Bookmark - 0 Replies - 0 Quotes 
- Yii 2 CVE-2024-58136 - working PoC. #BugBounty #RCE #YII2 https://t.co/yXelFSb7qD - @nav1n0x - 27 May 2025 - 6720 Impressions - 10 Retweets - 165 Likes - 54 Bookmarks - 3 Replies - 0 Quotes 
- Yii 2 RCE CVE-2024-58136 - working PoC. #BugBounty #RCE #YII2 https://t.co/Hdn4tga4vP - @nav1n0x - 27 May 2025 - 407 Impressions - 2 Retweets - 12 Likes - 4 Bookmarks - 1 Reply - 0 Quotes 
- A new @rapid7 Analysis of CVE-2024-58136 was just published to AttackerKB, courtesy of Calum Hutton 🔥 Affecting the Yii framework, this analysis details the root cause and how it can be leveraged for RCE via a dirty file write to a log file: https://t.co/aoffB5RmXh - @stephenfewer - 27 May 2025 - 4543 Impressions - 19 Retweets - 54 Likes - 17 Bookmarks - 1 Reply - 0 Quotes 
- csirt_it: The Cyber Week of 4 May 2025 🔹 updates for multiple products 🔹 Malvertising: spread of the NodeStealer and Xworm malware 🔹 Craft CMS: active exploitation chain detected for CVE-2025-32432 and CVE-2024-58136 ⚠️ #EPS… https://t.co - @Vulcanux_ - 5 May 2025 - 61 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes
- The Cyber Week of 4 May 2025 🔹 updates for multiple products 🔹 Malvertising: spread of the NodeStealer and Xworm malware 🔹 Craft CMS: active exploitation chain detected for CVE-2025-32432 and CVE-2024-58136 ⚠️ #EPSS 🔗 https://t.co/0ICeD - @csirt_it - 5 May 2025 - 126 Impressions - 0 Retweets - 2 Likes - 0 Bookmarks - 0 Replies - 0 Quotes
- 🚨 CVE Alert: Yiiframework Yii Improper Protection of Alternate Path Vulnerability Exploited In The wild 🚨 Vulnerability Details: CVE-2024-58136 (CVSS v3 9.8/10) Yiiframework Yii Improper Protection of Alternate Path Vulnerability Impact: A Successful exploit may allow a h - @CyberxtronTech - 5 May 2025 - 49 Impressions - 0 Retweets - 1 Like - 1 Bookmark - 0 Replies - 0 Quotes 
- ⚠️ Critical RCE vuln in Yii Framework (CVE-2024-58136) is now in CISA’s Known Exploited Vulnerabilities. Affects versions < 2.0.52. Immediate patching urged. #CyberSecurity #YiiFramework #CVE202458136 🔗 https://t.co/cbFhQzXTPQ - @threatsbank - 3 May 2025 - 34 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes 
- Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-58136 ##Yiiframework Yii Improper Protection of Alternate Path Vulnerability https://t.co/AFCK1KqTh7 - @ScyScan - 2 May 2025 - 8 Impressions - 0 Retweets - 1 Like - 0 Bookmarks - 0 Replies - 0 Quotes 
- 🛡️ We added Yii framework and Commvault vulnerabilities CVE-2024-58136 & CVE-2025-34028 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. https://t.co/Eil0idoZXD - @CISACyber - 2 May 2025 - 5670 Impressions - 12 Retweets - 22 Likes - 3 Bookmarks - 1 Reply - 3 Quotes 
- Two vulnerabilities have recently been published for Craft CMS, with identifiers CVE-2025-32432 (RCE) and CVE-2024-58136 (input validation). To prevent and counter them, apply the necessary update - @AmirHossein_sec - 29 Apr 2025 - 51 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes
- 🗞️ Critical Craft CMS Zero-Days Exploited to Compromise Hundreds of Servers Hackers are actively exploiting two Craft CMS zero-days (CVE-2025-32432, CVE-2024-58136), breaching ~300 of 13,000 vulnerable servers since Feb 2025. Update to patched versions (3.9.15, 4.14.15, 5.6 - @gossy_84 - 29 Apr 2025 - 101 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes 
- csirt_it: ‼️ #Exploited Active in-the-wild exploitation chain detected for CVE-2025-32432 and CVE-2024-58136, affecting #CraftCMS and the #Yii framework. Risk: 🟠 Type: 🔸 Remote Code Execution 🔗 https://t.co/haZOIpDqcO ⚠ It is important to update the s… https://t.c - @Vulcanux_ - 29 Apr 2025 - 45 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes
- 🚨 13,000+ Servers at Risk: Critical Craft CMS Flaws Under Active Attack 🚨 Cybercriminals are exploiting two newly disclosed critical vulnerabilities in Craft CMS, targeting servers in a wave of zero-day attacks. Here’s what’s happening: - CVE-2024-58136 (CVSS 9.0): Ex - @efani - 28 Apr 2025 - 284 Impressions - 0 Retweets - 1 Like - 0 Bookmarks - 0 Replies - 0 Quotes 
- CVE-2025-32432: RCE in CraftCMS, 10.0 rating 🔥🔥🔥 0-day vuln makes some versions of CraftCMS vulnerable to RCE. Used in the wild in combination with CVE-2024-58136. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/EbJurfzSUw #cybersecurity #vulnerability_map - @Netlas_io - 28 Apr 2025 - 715 Impressions - 5 Retweets - 12 Likes - 2 Bookmarks - 0 Replies - 0 Quotes 
- Two zero-day vulnerabilities in Craft CMS, CVE-2025-32432 (RCE) and CVE-2024-58136 (input validation flaw in Yii framework), were exploited in ongoing attacks to breach servers and steal data. https://t.co/SBiO8qxeX7 - @securityRSS - 28 Apr 2025 - 46 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes 
- 📌 Hackers are exploiting critical security flaws in Craft CMS, exposing hundreds of servers to compromise. These attacks have been observed by Orange Cyberdefense SensePost since 14 February 2025 and rely on vulnerabilities - @Cybercachear - 28 Apr 2025 - 46 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes
- A Metasploit module has been published for the Craft CMS zero-day vulnerability CVE-2025-32432 (CVSS score 10). It is combined with CVE-2024-58136, an input validation flaw in the Yii framework, and this combination is being exploited in the wild. Yi - @__kokumoto - 28 Apr 2025 - 66 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes
- 🚨Craft CMS zero-day exploit!🚨 CVE-2025-32432 & CVE-2024-58136 chained in attacks to breach servers & steal data. Update to the latest version ASAP! If you suspect compromise, refresh security keys & rotate DB credentials! #Cybersecurity #CraftCMS https://t.co/0 - @fernandokarl - 27 Apr 2025 - 73 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes 
- 🚨 Two zero-day vulnerabilities in Craft CMS, CVE-2025-32432 (RCE) & CVE-2024-58136 (input validation), have been exploited in data breaches. Security measures are crucial. #CraftCMS #DataSteal #USA link: https://t.co/IRIOfZ0Qre https://t.co/KWWwThgP0h - @TweetThreatNews - 25 Apr 2025 - 16 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes 
- Urgent: Yii 2 Vulnerability CVE-2024-58136 Under Active Exploit A critical flaw in Yii 2 exposes applications to remote code execution. Attackers are actively exploiting this vulnerability—patch immediately. https://t.co/J8OgL2pADg #Cybersecurity #YiiFramework #RCE - @adriananglin - 14 Apr 2025 - 16 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes 
- 🚨 CVE-2024-58136 ⚠️🔴 CRITICAL (9) 🏢 yiiframework - Yii 🏗️ 2 🔗 https://t.co/wkGn6xY2xy 🔗 https://t.co/UsRNMGVRsg 🔗 https://t.co/UM29XMCEiy 🔗 https://t.co/w343octaf5 🔗 https://t.co/Kgcm0WrQ5k #CyberCron #VulnAlert #InfoSec https://t.co/oNmfWQDK6b - @cybercronai - 11 Apr 2025 - 19 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes 
- CVE-2024-58136 Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February thr… https://t.co/QHqLpJqSS0 - @CVEnew - 10 Apr 2025 - 273 Impressions - 0 Retweets - 0 Likes - 0 Bookmarks - 0 Replies - 0 Quotes 
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:yiiframework:yii:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E119EC3D-E5D1-4F38-B7C7-76C81798B4F7",
            "versionEndExcluding": "2.0.52"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]