Skip to main content

CVE-2026-24729

Unrestricted Upload of File with Dangerous Type (CWE-434)
2026-01-30 ART@zuso.ai

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:00 vuln.today
CVE Published
Jan 30, 2026 - 05:16 nvd
N/A

DescriptionCVE.org

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file.

AnalysisAI

An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions up to 2025 is affected by unrestricted upload of file with dangerous type.

Technical ContextAI

This vulnerability (CWE-434: Unrestricted Upload of File with Dangerous Type) exists in the file upload component. An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker versions before 2025/10/22 allows remote attackers to execute arbitrary system commands via a malicious class file.

Affected ProductsAI

Product: An unrestricted upload of file with dangerous type vulnerability in the file upload function of Interinfo DreamMaker. Versions: up to 2025. Component: file upload.

RemediationAI

Monitor vendor advisories for a patch. Validate file types by content. Store uploads outside web root.

Share

CVE-2026-24729 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy