TYPO3-CORE-SA-2024-002: Code Execution in TYPO3 Install Tool

Categories: Development, TYPO3 CMS Created by Oliver Hader
It has been discovered that TYPO3 CMS is vulnerable to code execution.
  • Component Type: TYPO3 CMS
  • Subcomponent: Install Tool (ext:install)
  • Release Date: February 13, 2024
  • Vulnerability Type: Code Execution
  • Affected Versions: 8.0.0-8.7.56, 9.0.0-9.5.45, 10.0.0-10.4.42, 11.0.0-11.5.34, 12.0.0-12.4.10, 13.0.0
  • Severity: Medium
  • Suggested CVSS: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
  • References: CVE-2024-22188, CWE-94

Problem Description

Several settings in the Install Tool for configuring the path to system binaries were vulnerable to code execution. Exploiting this vulnerability requires an administrator-level backend user account with system maintainer permissions.

The corresponding change for this advisory involves enforcing the known disadvantages described in TYPO3-PSA-2020-002: Protecting Install Tool with Sudo Mode.


Update to TYPO3 versions 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, 13.0.1 that fix the problem described.


Thanks to Rickmer Frier & Daniel Jonka who reported this issue and to TYPO3 core & security team member Benjamin Franzke who fixed the issue.

General Advice

Follow the recommendations that are given in the TYPO3 Security Guide. Please subscribe to the typo3-announce mailing list.

General Note

All security-related code changes are tagged so you can easily look them up in our review system.