CVE-2024-55466 Information

Description

An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community ThingsBoard Cloud and ThingsBoard Professional v3.8.1 allows attackers to execute arbitrary code via uploading a crafted file.

Reference

https://github.com/cybsecsid/ThingsBoard-IoT-Platform-CVE-2024-55466 https://github.com/thingsboard/thingsboard/releases/tag/v3.8.1