On 10 January 2024, Cisco disclosed a critical vulnerability, CVE-2024-20272, with a CVSS score of 7.3, in their Cisco Unity Connection software. This vulnerability allows an unauthenticated remote attacker to upload arbitrary files and execute commands on the underlying operating system. Cisco has released a patch to address the issue. While there is no evidence … CVE-2024-20272: Critical Unauthenticated Arbitrary File Upload Vulnerability in Cisco Unity Connection
Article Link: CVE-2024-20272: Critical Unauthenticated Arbitrary File Upload Vulnerability in Cisco Unity Connection - Arctic Wolf