CVE-2024-37679

Name of the Vulnerable Software and Affected Versions Finesoft versions 8.0 and before

Description The issue allows a remote attacker to execute arbitrary code via a crafted script to the "login.jsp" parameter. This enables the attacker to perform actions such as executing arbitrary code.

Recommendations For versions 8.0 and before, update to a version that fixes this issue, as the current version allows for the execution of arbitrary code by a remote attacker. At the moment, there is no information about a newer version that contains a fix for this vulnerability.