CVE-2024-47462

Name of the Vulnerable Software and Affected Versions: Instant AOS versions 8 through 10

Description: The issue is related to an arbitrary file creation vulnerability in the command line interface (CLI) of the affected operating systems. This vulnerability could allow an authenticated remote attacker to create arbitrary files, potentially leading to remote command execution (RCE) on the underlying operating system.

Recommendations: For Instant AOS versions 8 through 10, consider restricting access to the CLI to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the CLI for file creation operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.