Agustín Picazo

**Name of the Vulnerable Software and Affected Versions** ConacWin CB versions 3.8.2.2 and earlier **Description** The issue is a relative path traversal vulnerability that could allow an attacker to perform an arbitrary download of files from the system via the `Download file` parameter. **Recommendations** For ConacWin CB versions 3.8.2.2 and earlier, consider restricting access to the `Download file` parameter until a patch is available. As a temporary workaround, avoid using the `Download file` parameter in the affected system to minimize the risk of exploitation.