Shapas

**Name of the Vulnerable Software and Affected Versions** Thruk versions prior to 3.12 **Description** The Thruk web monitoring application has a vulnerability in its file upload form, allowing a threat actor to upload files to any path on the server for which they have permissions. This issue is known as Path Traversal or Directory Traversal. **Recommendations** For versions prior to 3.12, update to version 3.12 to resolve the issue. As a temporary workaround, consider restricting access to the file upload form until the update can be applied.