CVE-2009-3447

Name of the Vulnerable Software and Affected Versions RADactive I-Load versions prior to 2008.2.5.0

Description The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension and then sending a request for a predictable filename during a short time window. This is due to an unrestricted file upload vulnerability.

Recommendations For versions prior to 2008.2.5.0, update to version 2008.2.5.0 or later to resolve the issue. As a temporary workaround, consider restricting file uploads to only allow non-executable file extensions until a patch is applied.