CVE-2021-43934

Name of the Vulnerable Software and Affected Versions Elcomplus SmartPTT (affected versions not specified)

Description The issue is related to the unlimited upload of dangerous file types in the update loading function of the scada-server. This could allow a remote attacker to execute arbitrary code. The backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.