Cisco has released security updates for its products.
National CERT encourages users to apply available updates in order to prevent any kind of misuse by the attacker. Тhe most important is CVE-2024-20272 and CVE-2024-20253 vulnerabilities.
An attacker can manipulate file upload parameters to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.
For more details please visit: Cisco Security Advisory.