PT-2024-9227 · 2N · 2N Access Commander

Published: 2024-09-23 · Updated: 2024-11-07 · CVE-2024-47253

CVSS v2.0: 9.0 (High)

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: 2N Access Commander versions 3.1.1.2 and prior
Description: The issue is an improper restriction of a pathname to a restricted directory (path traversal). A remote attacker with administrative privileges can write files to the filesystem, which may lead to arbitrary remote code execution. Users with lower-privilege roles cannot exploit this issue.
Recommendations: For versions 3.1.1.2 and prior, consider restricting who holds administrative privileges to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider limiting filesystem write access to prevent potential arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Weakness Enumeration

Related Identifiers

BDU:2024-10915
CVE-2024-47253

Affected Products

2N Access Commander