CVE-2024-28826

Published: 2024-05-29T10:15Z

Last Modified: 2024-12-04T16:32Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Improper restriction of local upload and download paths in check_sftp in Checkmk before 2.3.0p4, 2.2.0p27, 2.1.0p44, and in Checkmk 2.0.0 (EOL) allows attackers with sufficient permissions to configure the check to read and write local files on the Checkmk site server. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt