A vulnerability, which was classified as critical, was found in NukeViet. Affected is an unknown function of the file /admin/extensions/download.php. The manipulation leads to deserialization.

This vulnerability is traded as CVE-2024-36528. Access to the local network is required for this attack to succeed. There is no exploit available.