CVE-2024-29434 Information

Description

An issue in the system image upload interface of Alldata v0.4.6 allows attackers to execute a directory traversal when uploading a file.

Reference

https://github.com/Raybye/alldata-bug/blob/main/alldata.md https://gist.github.com/Raybye/6cf4aa273e12a220056e38bec764d42d