CVE-2024-29848 Information

Description

An unrestricted file upload vulnerability in web component of Ivanti Avalanche before 6.4.x allows an authenticated privileged user to execute arbitrary commands as SYSTEM.

Reference

https://forums.ivanti.com/s/article/Security-Advisory-May-2024