CVE-2024-5168

Name of the Vulnerable Software and Affected Versions Prodys' Quantum Audio codec versions 2.3.4t and below

Description The issue is related to improper access control, allowing an unauthenticated user to bypass authentication and execute arbitrary API requests against the web application.

Recommendations For versions 2.3.4t and below, consider restricting access to the web application until a patch is available. As a temporary workaround, limit the execution of arbitrary API requests to minimize the risk of exploitation. Avoid using the vulnerable Quantum Audio codec until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.