Vulnerability — CVE-2024-24202

CVE-2024-24202

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2024-24202
Description:: An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary code via uploading a crafted .txt file.
Last updated date:: 02/15/2024

Type:: exploit
Confidence:: HIGH
Date of publishing:: 02/15/2024
Reference url to background: https://clammy-blizzard-8ef.notion.site/Zentao-PMS-Authorized-Remote-Code-Execution-Vulnerability-1077a870c92848e18fe0c139c4fc2176