What is CVE-2024-21534?

CVE-2024-21534 is a critical Remote Code Execution vulnerability affecting all versions of jsonpath-plus. Organizations must prioritize patching as this flaw can be exploited remotely, allowing arbitrary code execution.

What is the severity of CVE-2024-21534?

CVE-2024-21534 has a severity rating of CRITICAL with a CVSS base score of 9.8.

CVE-2024-21534 | Critical Vulnerability in jsonpath-plus

CVE-2024-21534 identifies a critical vulnerability affecting all versions of the package jsonpath-plus. This vulnerability allows Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute arbitrary code on the system by exploiting the unsafe default usage of vm in Node. Given its CVSS score of 9.8, the severity of this vulnerability cannot be overstated.

The risk to organizations includes potential unauthorized access to sensitive data, disruption of services, and complete system compromise. The vulnerability has been confirmed to be exploitable, thus organizations should prioritize patching immediately.

Although attempts were made to fix this issue in versions 10.0.0 to 10.1.0, it could still be exploited using different payloads. Therefore, continuous monitoring and immediate remediation steps are essential.

Organizations are advised to stay informed about this vulnerability and ensure that they are implementing adequate security measures.

Vulnerability Details

The official CVE description states that all versions of jsonpath-plus are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. The vulnerability is classified under CWE-94.

The vulnerability has a CVSS score of 9.8, indicating critical severity. This score reflects the potential impact of exploitation, which includes high confidentiality, integrity, and availability impact.

As for the affected product, jsonpath-plus is the target of this vulnerability. The issue was published on October 11, 2024.

Technical Analysis

The root cause of this vulnerability is improper input sanitization. This flaw allows attackers to craft requests that, when processed by the jsonpath-plus library, can lead to arbitrary code execution on the server.

The attack vector is network-based, enabling remote attackers to exploit this vulnerability without physical access.

The attack complexity is low, requiring no special conditions to execute the attack. Additionally, no privileges are required, and user interaction is not necessary.

The confidentiality, integrity, and availability impact scores are all high, indicating that an exploit could lead to significant damage.

Risk & Impact Analysis

The real-world deployment risk associated with this vulnerability is substantial. Organizations utilizing jsonpath-plus should assess their exposure and the potential blast radius of an exploit.

Given the critical nature of this vulnerability, organizations should prioritize their patching strategies immediately. The urgency is reflected in the CVSS score, indicating that failure to remediate could result in severe consequences.

Organizations must also consider the potential for exploitation in their environments and implement robust monitoring and incident response plans.

Exploitation Status

Signal	Status
Known Exploit	Yes
Public PoC	Yes
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions of jsonpath-plus prior to the fixes in version 10.1.0 are affected by this vulnerability. Organizations should review their dependencies and update to the latest version to mitigate risks.

Mitigation & Remediation

Organizations should upgrade to version 10.1.0 or later of jsonpath-plus to remediate the vulnerability. If an upgrade is not immediately possible, implement additional input sanitization measures and monitor logs for suspicious activity.

For a comprehensive security posture, organizations may consider penetration testing to identify similar weaknesses in their applications.

Detection Guidance

Organizations should monitor their applications for unusual behavior, such as unexpected command execution or unusual input patterns. Log indicators that could signify exploitation attempts should be closely reviewed.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2024-21534 highlights the need for secure coding practices and thorough input validation. Organizations should take this incident as a reminder of the importance of regular security assessments.

This vulnerability represents a trend in exploitable libraries, underscoring the need for continuous monitoring and timely updates. Security teams must be vigilant in identifying and addressing similar vulnerabilities.

For further insights and best practices, organizations can refer to our guides on penetration testing methodology and vulnerability management programs to strengthen their defenses.

By addressing vulnerabilities proactively, organizations can significantly reduce their risk exposure and enhance their overall security posture.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2024-21534: Critical Vulnerability in jsonpath-plus