THREATOPS
THREAT OPSCVEs › CVE-2024-57728

CVE-2024-57728 — SimpleHelp Path Traversal Vulnerability

CISA KEVExploited: confirmedSimpleHelp

SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user.

Vulnerability details

Related reporting