CVE-2024-29434

Name of the Vulnerable Software and Affected Versions Alldata version 0.4.6

Description The issue in the system image upload interface allows attackers to execute a directory traversal when uploading a file. This enables them to access or modify files outside the intended directory, potentially leading to unauthorized data access or system compromise.

Recommendations For Alldata version 0.4.6, consider restricting access to the system image upload interface until a patch is available. As a temporary workaround, avoid using the file upload feature to minimize the risk of exploitation.