A vulnerability classified as very critical has been found in Checkmk up to 2.0.0p39/2.1.0p43/2.2.0p26/2.3.0p3. Affected is the function
check_sftp
. The manipulation leads to file inclusion.
This vulnerability is traded as CVE-2024-28826. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.