PT-2024-32645 · Scout · Scout

Letm3Through · Published 2024-09-30 · Updated 2024-11-15 · CVE-2024-47531

CVSS v3.1: 4.6 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Scout versions prior to 4.89

Description

The issue arises from the lack of sanitization in filenames, allowing bypass of intended file extensions. This enables the download of malicious files with any extension. If users unknowingly download and open these files, it may lead to device or data compromise.

Recommendations

For versions prior to 4.89, update to version 4.89 to resolve the issue. As a temporary workaround, consider restricting the download of files from the Scout visualizer to minimize the risk of exploitation. Avoid opening files downloaded from the visualizer until the issue is resolved.

Exploit

Fix

Improper Encoding or Escaping of Output

Weakness Enumeration

Related Identifiers

CVE-2024-47531
GHSA-24XV-Q29V-3H6R

Affected Products

Scout