CVE-2024-57338

Name of the Vulnerable Software and Affected Versions M2Soft CROWNIX Report & ERS versions 5.x through 5.5.14.1070 M2Soft CROWNIX Report & ERS versions 7.x through 7.4.3.960 M2Soft CROWNIX Report & ERS versions 8.x through 8.2.0.345

Description An arbitrary file upload issue allows attackers to execute arbitrary code via supplying a crafted file.

Recommendations For versions 5.x through 5.5.14.1070, restrict access to file upload functionality to minimize the risk of exploitation. For versions 7.x through 7.4.3.960, consider disabling file upload features until a patch is available. For versions 8.x through 8.2.0.345, avoid using the file upload module to prevent potential code execution. At the moment, there is no information about a newer version that contains a fix for this issue.