25Eki
CVE-2024-48931 | IceWhaleTech ZimaOS up to 1.2.4 on x86-64 API Endpoint /v3/file?token files path traversal (GHSA-hjw2-9gq5-qgwj)
A vulnerability classified as critical has been found in IceWhaleTech ZimaOS up to 1.2.4 on x86-64. This affects an unknown part of the file /v3/file?token of the component API Endpoint. The manipulation of the argument files leads to path traversal. This vulnerability is uniquely identified as CVE-2024-48931. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.