CVE-2024-0713

Name of the Vulnerable Software and Affected Versions Monitorr version 1.7.6m

Description A critical vulnerability was found in Monitorr, affecting an unknown functionality of the file /assets/php/upload.php in the Services Configuration component. The manipulation of the fileToUpload argument leads to unrestricted upload. This issue can be exploited remotely.

Recommendations For Monitorr version 1.7.6m, as a temporary workaround, consider restricting access to the /assets/php/upload.php file until a patch is available. Avoid using the fileToUpload argument in the affected upload functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.