CVE-2026-24729

Vulnerability Description

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file.

Related Weaknesses (CWE)

CWE-434

References

https://zuso.ai/advisory/za-2026-02

FAQ

What is CVE-2026-24729?

CVE-2026-24729 is a documented vulnerability. An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system comm...

How severe is CVE-2026-24729?

CVSS scoring is not yet available for CVE-2026-24729. Check NVD for updates.

Is there a patch for CVE-2026-24729?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.