PT-2023-20541 · Unknown · Mcfeeder Server

Published: 2023-10-31 · Updated: 2023-11-08 · CVE-2023-2621

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: McFeeder server (distributed as part of SSW package) (affected versions not specified)

Description: The McFeeder server is susceptible to an arbitrary file write vulnerability on the MAIN computer system. This issue stems from the use of an outdated version of a third-party library, which is used to extract archives uploaded to the McFeeder server. An authenticated malicious client can exploit this vulnerability by uploading a crafted ZIP archive via the network to McFeeder's service endpoint.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Weakness Enumeration

Related Identifiers: CVE-2023-2621

Affected Products: Mcfeeder Server