CVE-2024-50054 Information

Description

The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-24-326-07