CVE-2024-54214

Name of the Vulnerable Software and Affected Versions: Revy versions 1.1 through 1.18

Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and potential takeover of the server.

Recommendations: For versions 1.1 through 1.18, consider restricting or disabling file upload functionality until a patch is available. As a temporary workaround, restrict access to sensitive areas of the web server to minimize the risk of exploitation.