CVE-2024-3497

Name of the Vulnerable Software and Affected Versions: Toshiba e-STUDIO versions (affected versions not specified)

Description: The issue is related to a path traversal vulnerability in the web server of Toshiba printers, which can be exploited by an attacker to overwrite original files or add new ones to the printer. This vulnerability is associated with errors in handling relative paths to directories in the unzip method of the firmware. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code, create new files, or overwrite existing ones.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.