CVE-2024-11311

Name of the Vulnerable Software and Affected Versions TRCore DVC (affected versions not specified)

Description The issue concerns a Path Traversal vulnerability in the DVC from TRCore, which also fails to restrict the types of files that can be uploaded. This vulnerability allows unauthenticated remote attackers to upload arbitrary files to any directory. As a result, attackers can achieve arbitrary code execution by uploading webshells.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.