3 matches found
CVE-2025-24291
The Versa Director SD-WAN orchestration platform provides functionality to upload various types of files. However, the Java code handling file uploads contains an argument injection vulnerability. By appending additional arguments to the file name, an attacker can bypass MIME type validation,...
CVE-2025-24291
The Versa Director SD-WAN orchestration platform provides functionality to upload various types of files. However, the Java code handling file uploads contains an argument injection vulnerability. By appending additional arguments to the file name, an attacker can bypass MIME type validation,...
CVE-2025-24291
Versa Director SD-WAN orchestration platform contains a vulnerability in the Java file-upload handling where argument-injection in the filename bypasses MIME-type validation, enabling uploading of arbitrary file types and placement of a malicious file on disk. Exploitation status in sources is no...