CVE-2024-27939

Name of the Vulnerable Software and Affected Versions RUGGEDCOM CROSSBOW versions prior to V5.5

Description The issue is related to weaknesses in the authorization procedure of the secure access management system. It allows an unauthenticated user to upload arbitrary files, which can be leveraged by an attacker to achieve arbitrary code execution with system privileges.

Recommendations For versions prior to V5.5, update to version V5.5 or later to resolve the issue. As a temporary workaround, consider restricting access to file upload functionality to minimize the risk of exploitation.