CVE Catalog
CVE-2024-51366
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.70%
49th percentile - higher than 49% of all known CVEs
Summary
An arbitrary file upload vulnerability was found in the \Roaming\Omega component of OmegaT v6.0.1. It allows an attacker to execute arbitrary code by uploading a crafted .conf file.
Risk Assessment
The risk involves potential remote code execution, which could lead to system compromise, data theft, or malware installation.
Recommendation
It is recommended to immediately update OmegaT to the latest version and restrict .conf file uploads to trusted sources.
Original NVD description (English source)
An arbitrary file upload vulnerability in the component \Roaming\Omega of OmegaT v6.0.1 allows attackers to execute arbitrary code via uploading a crafted .conf file.

