PT-2022-2783 · Trueconf · Trueconf Server

Published: 2022-05-31 · Updated: 2022-05-31

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: TrueConf Server (affected versions not specified)

Description: The issue is related to the conf id parameter in TrueConf Server, which allows path traversal in the /client/upsld/v1 scenario. Exploitation of this issue may enable a remote attacker to execute arbitrary code by writing a specially crafted PHP file to a folder accessible through the web interface.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
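
With no fixed version reported, reviewing web access logs for traversal sequences sent to the affected endpoint is one available check. The Python code below is an added example, not part of the advisory or of TrueConf's code. It assumes combined-format access logs and a parameter carried in the query string; the parameter name `conf_id` and all sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

ENDPOINT = "/client/upsld/v1"  # path named in the advisory
# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so nested encodings (%252e -> %2e -> .) are exposed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(value):
    """True if any path segment of the decoded value is '..' (either slash style)."""
    segments = re.split(r"[/\\]", fully_decode(value))
    return ".." in segments

def suspicious_requests(log_lines):
    """Return (line_number, target) for endpoint hits whose query values hold '..' segments."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        parts = urlsplit(match.group("target"))
        if not fully_decode(parts.path).startswith(ENDPOINT):
            continue
        values = [pair.partition("=")[2] for pair in parts.query.split("&") if pair]
        if any(has_traversal(v) for v in values):
            hits.append((number, match.group("target")))
    return hits

# Constructed sample lines; the parameter name "conf_id" is an assumption.
SAMPLE_LOG = [
    '198.51.100.7 - - [31/May/2022:10:00:01 +0000] "POST /client/upsld/v1?conf_id=1234 HTTP/1.1" 200 12',
    '198.51.100.7 - - [31/May/2022:10:00:05 +0000] "POST /client/upsld/v1?conf_id=..%2F..%2Fx HTTP/1.1" 200 12',
    '198.51.100.7 - - [31/May/2022:10:00:09 +0000] "POST /client/upsld/v1?conf_id=%252e%252e%255cx HTTP/1.1" 200 12',
    '198.51.100.7 - - [31/May/2022:10:00:12 +0000] "GET /index.html?v=1..2 HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for number, target in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: {target}")
```

Parameters sent in a request body do not appear in access logs, so a clean result from this check does not rule out exploitation attempts.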

Path traversal

RCE

Weakness Enumeration

Related Identifiers

BDU:2022-03309

Affected Products

Trueconf Server