CVE-2024-25832

Name of the Vulnerable Software and Affected Versions F-logic DataCube3 version 1.0

Description The issue is related to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of a dangerous type by manipulating the filename extension. This could potentially enable a remote attacker to execute arbitrary code.

Recommendations For F-logic DataCube3 version 1.0, consider restricting file uploads to only allow specific, safe file types until a patch is available. As a temporary workaround, disabling file upload functionality may help minimize the risk of exploitation.