{"id":12802,"date":"2024-08-28T02:25:27","date_gmt":"2024-08-28T02:25:27","guid":{"rendered":"https:\/\/sekuritasit.com\/?p=12802"},"modified":"2024-08-28T02:25:27","modified_gmt":"2024-08-28T02:25:27","slug":"versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/","title":{"rendered":"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)"},"content":{"rendered":"<p>What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the \u201cChange Favicon\u201d (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an image file. The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-39717 to its \u201cKnown Exploited Vulnerabilities\u201d list.What is the recommended Mitigation?Versa Networks has released a patch to address this vulnerability and has mentioned in their advisory that the vulnerability has already been exploited by an Advanced Persistent Threat actor.What FortiGuard Coverage is available?FortiGuard Labs recommends users to apply the patches released by the vendor to secure their systems and follow their system hardening guidelines.FortiGuard Labs has blocked known malware used in campaign related to the Versa Director Dangerous File Type Upload Vulnerability. Java\/CVE_2024_39717.A!exploitThe FortiGuard Incident Response team can be engaged to help with any suspected compromise.FortiGuard Labs is further investigating to provide protections and will update this Threat Signal Report with more information once it becomes available.<a href=\"https:\/\/fortiguard.fortinet.com\/threat-signal-report\/5511\" target=\"_blank\" class=\"feedzy-rss-link-icon\" rel=\"noopener\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the \u201cChange Favicon\u201d (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-12802","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the \u201cChange Favicon\u201d (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the \u201cChange Favicon\u201d (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2024-08-28T02:25:27+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2024-08-28T02:25:27+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the \u201cChange Favicon\u201d (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/08\\\/28\\\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\\\/#blogposting\",\"name\":\"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717) \\u203a Sekuritas IT\",\"headline\":\"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"datePublished\":\"2024-08-28T02:25:27+00:00\",\"dateModified\":\"2024-08-28T02:25:27+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/08\\\/28\\\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/08\\\/28\\\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/08\\\/28\\\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/08\\\/28\\\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\\\/#listItem\",\"name\":\"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/08\\\/28\\\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\\\/#listItem\",\"position\":3,\"name\":\"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/08\\\/28\\\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/08\\\/28\\\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\\\/\",\"name\":\"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717) \\u203a Sekuritas IT\",\"description\":\"What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the \\u201cChange Favicon\\u201d (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/08\\\/28\\\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"datePublished\":\"2024-08-28T02:25:27+00:00\",\"dateModified\":\"2024-08-28T02:25:27+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717) \u203a Sekuritas IT","description":"What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the \u201cChange Favicon\u201d (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/#blogposting","name":"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717) \u203a Sekuritas IT","headline":"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"datePublished":"2024-08-28T02:25:27+00:00","dateModified":"2024-08-28T02:25:27+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/#listItem","name":"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/#listItem","position":3,"name":"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/","name":"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717) \u203a Sekuritas IT","description":"What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the \u201cChange Favicon\u201d (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"datePublished":"2024-08-28T02:25:27+00:00","dateModified":"2024-08-28T02:25:27+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717) \u203a Sekuritas IT","og:description":"What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the \u201cChange Favicon\u201d (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an","og:url":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/","article:published_time":"2024-08-28T02:25:27+00:00","article:modified_time":"2024-08-28T02:25:27+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717) \u203a Sekuritas IT","twitter:description":"What is the Vulnerability?The Versa Director GUI contains a zero-day dangerous file type upload vulnerability (CVE-2024-39717) that allows attackers to upload potentially malicious files, granting them system administrator access. This flaw effects the \u201cChange Favicon\u201d (Favorite Icon) option that can be misused to upload a malicious file ending with .png extension to masquerade as an"},"aioseo_meta_data":{"post_id":"12802","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2024-08-28 02:41:17","updated":"2025-10-15 11:30:01","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tVersa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"Versa Director Dangerous File Type Upload Vulnerability (CVE-2024-39717)","link":"https:\/\/sekuritasit.com\/index.php\/2024\/08\/28\/versa-director-dangerous-file-type-upload-vulnerability-cve-2024-39717\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/12802","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=12802"}],"version-history":[{"count":1,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/12802\/revisions"}],"predecessor-version":[{"id":12804,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/12802\/revisions\/12804"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=12802"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=12802"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=12802"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}