CVE-2018-7806

Name of the Vulnerable Software and Affected Versions: Data Center Operation (affected versions not specified)

Description: The issue allows for the arbitrary upload of files onto the server file system outside of the intended directory by exploiting the ZipSlip vulnerability within Java code. This can occur when a carefully crafted, malicious zip file is uploaded by an authenticated user, potentially containing path traversal file names.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.