PT-2017-19097 · Alc · Sitescan Web+2

Gjoko Krstic +1 · Published 2017-08-25 · Updated 2021-07-27 · CVE-2017-9650

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

ALC WebCTRL, i-Vu, SiteScan Web versions 5.2 through 6.5
ALC WebCTRL, SiteScan Web versions 6.1 and prior
ALC WebCTRL, i-Vu versions 6.0 and prior

Description

An Unrestricted Upload of File with Dangerous Type issue allows an authenticated attacker to upload a malicious file, potentially enabling the execution of arbitrary code.

Recommendations

For ALC WebCTRL, i-Vu, SiteScan Web versions 5.2 through 6.5, restrict file upload capabilities to prevent malicious file uploads until a fix is available.
For ALC WebCTRL, SiteScan Web versions 6.1 and prior, consider disabling file upload features to minimize the risk of exploitation.
For ALC WebCTRL, i-Vu versions 6.0 and prior, avoid using file upload functionality in the affected software until the issue is resolved.

Exploit

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2017-9650

Affected Products

Alc Webctrl
Sitescan Web
I-Vu