Yuyan-Sec

**Name of the Vulnerable Software and Affected Versions** Sonic version 1.0.4 **Description** The issue allows attackers to execute a directory traversal in the component /admin/backups/work-dir. This enables attackers to access files or directories outside the intended directory structure. **Recommendations** For Sonic version 1.0.4, consider restricting access to the /admin/backups/work-dir component until a patch is available. As a temporary workaround, avoid using the vulnerable component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** zdir version 3.2.0 **Description** The issue is related to an arbitrary file upload vulnerability in the /api/upload component. This vulnerability exists due to incorrect restriction of the directory path name with limited access. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code via a crafted .ssh file. The vulnerable component is the /api/upload endpoint, and the `filename` variable can be used to upload malicious files. **Recommendations** For zdir version 3.2.0, consider disabling the /api/upload component until a patch is available to prevent exploitation. Restrict access to the /api/upload endpoint to minimize the risk of arbitrary code execution. Avoid using the `filename` variable in the /api/upload endpoint until the issue is resolved.