PT-2024-20104 · Thruk · Thruk

Shapas · Published 2024-01-29 · Updated 2024-02-05 · CVE-2024-23822

CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions: Thruk versions prior to 3.12

Description: The Thruk web monitoring application has a vulnerability in its file upload form, allowing a threat actor to upload files to any path on the server for which they have permissions. This issue is known as Path Traversal or Directory Traversal.

Recommendations: For versions prior to 3.12, update to version 3.12 to resolve the issue. As a temporary workaround, consider restricting access to the file upload form until the update can be applied.

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2024-23822
GHSA-4MRH-MX7X-RQJX

Affected Products

Thruk