Name of the Vulnerable Software and Affected Versions:

Vaelsys version 4.1.0

Description:

A critical vulnerability exists in the User Creation Handler component of the software, affecting unknown processing of the file `/grid/vgrid server.php`. This manipulation results in improper authorization, potentially allowing remote attackers to exploit the issue. The exploit has been publicly disclosed. The vendor was contacted regarding this disclosure but did not respond.

Recommendations:

Versions prior to 4.1.0 are not affected.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.