CVE-2024-23811

Name of the Vulnerable Software and Affected Versions SINEC NMS versions prior to V2.0 SP1

Description A vulnerability has been identified in the affected application, allowing users to upload arbitrary files via TFTP. This could allow an attacker to upload malicious firmware images or other files, potentially leading to remote code execution.

Recommendations For versions prior to V2.0 SP1, update to V2.0 SP1 or later to resolve the issue. As a temporary workaround, consider restricting access to the TFTP upload functionality to minimize the risk of exploitation.