{"uuid": "4eebdecc-8cb2-466b-abcc-4a0fe7a5f356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39717", "type": "exploited", "source": "https://t.me/cibsecurity/79296", "content": "\ud83e\udd85 CVE-2024-39717 Exposes Critical Vulnerability in Versa Director \ud83e\udd85\n\n    Key Takeaways      This CVE202439717 vulnerability impacts Versa Director, a key platform for managing Versa SDWAN solutions used by ISPs and MSPs.   CVE202439717 involves an unrestricted file upload flaw that allows authenticated users to upload malicious files disguised as .png images.   Exploitation of this flaw can lead to unauthorized access and potential system compromise, posing a serious risk to affected organizations.   Cybles scan reveals 31 internetexposed instances of Versa Director, with 16 in the U.S., indicating significant potential for exploitation.   An APT actor has exploited the vulnerability due to a failure to implement recommended firewall and hardening measures.   Users are advised to upgrade to Versa Director version 22.1.4 or later and follow additional sec...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-08-28T20:10:39.000000Z"}