CVE-2024-54285

Name of the Vulnerable Software and Affected Versions: SeedProd Pro versions n/a through 6.18.10

Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to the server.

Recommendations: For versions n/a through 6.18.10, update to a version later than 6.18.10 to resolve the issue. As a temporary workaround, consider restricting file uploads to prevent the upload of harmful file types until a patch is available. Restrict access to the file upload functionality to minimize the risk of exploitation.