Security Advisory

CVE-2024-44373

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-19 00:00:00
Last updated 2025-12-03 16:59:34
Assigner mitre
State PUBLISHED

Description

A Path Traversal vulnerability in AllSky v2023.05.01 through v2024.12.06_06 allows an unauthenticated attacker to create a webshell and remote code execution via the path, content parameter to /includes/save_file.php.