CVE-2024-44373

Published: Aug 19, 2025

Modified: Dec 3, 2025

PUBLISHED

Description

A Path Traversal vulnerability in AllSky v2023.05.01 through v2024.12.06_06 allows an unauthenticated attacker to create a webshell and remote code execution via the path, content parameter to /includes/save_file.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/AllskyTeam/allsky

https://github.com/AllskyTeam/allsky/blob/master/html/includes/save_file.php

https://lean-strand-cb6.notion.site/CVE-2024-44373-21efbd400a6c80f4a5abf5d5eb9b068c

https://gh0stmezh.wordpress.com/2024/08/25/cve-2024-44373/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-44373

Description

Affected Products

References