Donghao1107

**Name of the Vulnerable Software and Affected Versions** EMQX version 4.3.8 **Description** An issue in the emqx sn plugin allows attackers to execute a directory traversal via uploading a crafted .txt file. **Recommendations** For EMQX version 4.3.8, consider restricting access to the emqx sn plugin until a patch is available. As a temporary workaround, avoid uploading .txt files to prevent potential directory traversal attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.