CVE-2024-23793

🗓️ 06 Jun 2024 18:06:58Reported by OTRSType

OTRS file upload allows path traversal, leading to potential code execution

Reporter	Title	Published	Views	Family All 10
CNNVD	OTRS Security Vulnerabilities	6 Jun 202400:00	–	cnnvd
Cvelist	CVE-2024-23793 Upload of files outside application directory	6 Jun 202418:06	–	cvelist
EUVD	EUVD-2024-21246	3 Oct 202520:07	–	euvd
NVD	CVE-2024-23793	6 Jun 202419:15	–	nvd
OSV	CVE-2024-23793	6 Jun 202419:15	–	osv
OSV	UBUNTU-CVE-2024-23793	6 Jun 202419:15	–	osv
SUSE CVE	SUSE CVE-2024-23793	8 Jun 202403:04	–	susecve
UbuntuCve	CVE-2024-23793	6 Jun 202419:15	–	ubuntucve
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2024-23793	10 Sep 202500:00	–	nessus
Vulnrichment	CVE-2024-23793 Upload of files outside application directory	6 Jun 202418:06	–	vulnrichment

[
  {
    "defaultStatus": "affected",
    "modules": [
      "File Upload"
    ],
    "product": "OTRS",
    "vendor": "OTRS AG",
    "versions": [
      {
        "lessThanOrEqual": "7.0.49",
        "status": "affected",
        "version": "7.0.x",
        "versionType": "Patch"
      },
      {
        "status": "affected",
        "version": "8.0.x"
      },
      {
        "status": "affected",
        "version": "2023.x"
      },
      {
        "lessThanOrEqual": "2024.3.2",
        "status": "affected",
        "version": "2024.x",
        "versionType": "Patch"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "((OTRS)) Community Edition",
    "vendor": "OTRS AG",
    "versions": [
      {
        "lessThanOrEqual": "6.0.34",
        "status": "affected",
        "version": "6.0.1",
        "versionType": "All"
      }
    ]
  }
]

Source	Link
otrs	www.otrs.com/release-notes/otrs-security-advisory-2024-05/

15 Apr 2026 00:35Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.3

EPSS0.00243

SSVC

CWE-22