Apache · Apache Hertzbeat · CVE-2024-41151
**Name of the Vulnerable Software and Affected Versions**
Apache HertzBeat versions prior to 1.6.1
**Description**
This issue is related to the deserialization of untrusted data, which can only be exploited by authorized attackers. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.
**Recommendations**
For Apache HertzBeat versions prior to 1.6.1, users are recommended to upgrade to version 1.6.1, which fixes the issue.