CVE-2024-2599

Name of the Vulnerable Software and Affected Versions AMSS++ version 4.31

Description The issue is related to a file upload restriction evasion vulnerability. This could allow an authenticated user to potentially obtain remote code execution (RCE) through a webshell, compromising the entire infrastructure.

Recommendations For AMSS++ version 4.31, consider restricting file uploads or disabling the vulnerable functionality until a patch is available. As a temporary workaround, limit access to the file upload feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.