CVE-2024-41163

Name of the Vulnerable Software and Affected Versions Veertu Anka Build version 1.42.0

Description A directory traversal vulnerability exists in the archive functionality of Veertu Anka. This vulnerability can be triggered by a specially crafted HTTP request, potentially leading to the disclosure of sensitive information. An attacker can make an unauthenticated HTTP request to exploit this issue.

Recommendations For Veertu Anka Build version 1.42.0, consider disabling the archive download functionality until a patch is available to prevent potential exploitation. Restrict access to sensitive information and limit unauthenticated HTTP requests to minimize the risk of disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.