Kpz-Wm

**Name of the Vulnerable Software and Affected Versions** Byzoro PatrolFlow 2530Pro versions up to 20231126 **Description** A problematic issue affects the processing of the file /log/mailsendview.php. The manipulation of the `file` argument with the input /boot/phpConfig/tb admin.txt leads to path traversal. The attack may be initiated remotely. **Recommendations** For versions up to 20231126, as a temporary workaround, consider restricting access to the /log/mailsendview.php file until a patch is available. Avoid using the `file` argument with potentially malicious inputs in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.