CVE-2024-57728 — SimpleHelp SimpleHelp: SimpleHelp Path Traversal Vulnerability
CVE-2024-57728 — SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user.
What This Means For You
- CISA has confirmed active exploitation — immediate patching required.
- Added to CISA KEV catalog — federal agencies must remediate by 2026-05-08.
Related ATT&CK Techniques
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2024-57728 | Path Traversal | SimpleHelp: arbitrary file upload via crafted zip file (zip slip) |
| CVE-2024-57728 | RCE | SimpleHelp: arbitrary code execution on host |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | CISA |
| Channel | CISA KEV |
| Channel ID | cisa-kev |
| Message ID | 202457728 |
| Published | April 24, 2026 at 15:00 UTC |
| Original Link | https://simple-help.com/kb---security-vulnerabilities-01-... |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-42171: NSIS Privilege Escalation Vulnerability
CVE-2026-42171 — NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to...
CVE-2026-41481 — Server-Side Request Forgery
CVE-2026-41481 — LangChain is a framework for building agents and LLM-powered applications. Prior to langchain-text-splitters 1.1.2, HTMLHeaderTextSplitter.split_text_from_url() validated the initial URL using validate_safe_url() but then...
Saltcorn SQL Injection (CVE-2026-41478) Exposes Sensitive Data
CVE-2026-41478 — Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync...