← back
CVE-2022-24254

CVE-2022-24254

EPSS 2.9%
An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://extensis.comhttp://portfolio.comhttps://snyk.io/research/zip-slip-vulnerabilityhttps://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/