CVE-2024-0643

Name of the Vulnerable Software and Affected Versions C21 Live Encoder and Live Mosaic product version 5.3

Description The issue allows a remote attacker to upload different file extensions without any restrictions, resulting in a full system compromise. This is due to an unrestricted upload of dangerous file types.

Recommendations For version 5.3, consider restricting or disabling file upload functionality until a patch is available to prevent remote attackers from uploading malicious files. As a temporary workaround, restrict access to the file upload feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.