CVE-2024-44849

Name of the Vulnerable Software and Affected Versions Qualitor versions up to 8.24

Description The issue concerns Remote Code Execution (RCE) via Arbitrary File Upload in the checkAcesso.php file. This allows for the execution of remote code, potentially leading to unauthorized access and control.

Recommendations For Qualitor versions up to 8.24, consider disabling the file upload functionality in checkAcesso.php until a patch is available. Restrict access to the checkAcesso.php file to minimize the risk of exploitation. Avoid using the file upload feature in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.