A vulnerability, which was classified as problematic, has been found in Novel-Plus 4.3.0-RC1. This issue affects some unknown processing of the file /sysFile/upload. The manipulation leads to unrestricted upload.
The identification of this vulnerability is CVE-2024-25274. Access to the local network is required for this attack to succeed. There is no exploit available.