Apache · Apache Fineract · CVE-2022-44635
**Name of the Vulnerable Software and Affected Versions**
Apache Fineract versions prior to 1.8.1
**Description**
Apache Fineract allowed an authenticated user to perform remote code execution due to a path traversal vulnerability in a file upload component, allowing an attacker to run remote code.
**Recommendations**
For Apache Fineract versions prior to 1.8.1, upgrade to version 1.8.1 to resolve the issue. As a temporary workaround, consider restricting access to the file upload component to minimize the risk of exploitation.