An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution.
[
{
"vendor": "n/a",
"product": "Avalanche",
"versions": [
{
"version": "Avalanche version 6.3.x and below",
"status": "affected"
}
]
}
]