CVE-2018-7807

Name of the Vulnerable Software and Affected Versions: Data Center Expert versions 7.5.0 and earlier

Description: The issue allows for the upload of a malicious zip file from the user interface to the server, potentially containing path traversal file names. This could enable the arbitrary upload of files onto the server file system outside of the intended directory, leveraging the ZipSlip vulnerability within Java code.

Recommendations: For Data Center Expert versions 7.5.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.