Vulnerability in DDI Central Could Allow Directory Traversal
CVE-2024-27311
8.8HIGH
What is CVE-2024-27311?
A directory traversal vulnerability exists in ManageEngine DDI Central versions 4001 and earlier, allowing attackers to manipulate file paths and upload arbitrary files to the server's file system. This can lead to unauthorized access and potential compromise of sensitive data. Implementing appropriate input validation and restricting file upload capabilities are essential measures to mitigate this risk.
Affected Version(s)
DDI Central 0 <= 4001