Official Security Advisory – CVE-2024-44849
Publication Date: Nevember 9, 2024
CVE ID: CVE-2024-44849
Affected Product(s): Qualitor / Versions 8.20, 8.24
At Qualitor Software, we are committed to the security and integrity of our products. We aim to maintain transparency and provide ongoing support to our users. A security vulnerability has recently been identified in our software, referenced under CVE-2024-44849.
Vulnerability Description
The vulnerability was identified in the following file:
/html/ad/adfilestorage/request/checkAcesso.php
It could allow a remote attacker, even without authentication, to execute arbitrary commands on the affected server by exploiting a Remote Code Execution (RCE) vulnerability.
Resolution
Upon identification, our security team promptly developed and tested an effective fix to mitigate the risk.
The fix is available in the following versions:
• 8.20 changeset (40493651) – Released on November, 2024
• 8.24 changeset (4b000a8c) – Released on November, 2024
Users can request the update procedure through our official communication channels.
We strongly recommend that all users who have not yet applied this update do so as soon as possible to ensure continued system security.
Actions Taken
• Analysis and Mitigation: The vulnerability was investigated, and a corrective patch was implemented to eliminate the associated risk.
• Quality Assurance: Comprehensive testing was performed to ensure that the fix does not impact product stability or performance.
• Proactive Communication: Clients were informed of the update and advised to apply it immediately.
User Guidance
1. Verify your current product version and ensure you are running one of the following or a later patch:
o 8.20 changeset (40493651) – November, 2024
o 8.24 changeset (4b000a8c) – November, 2024
2. Apply the update according to the instructions provided via our official support channels.
3. If you have any questions or need assistance, please contact our support team through our official communication channels.
Security Commitment
At Qualitor Software, we take product security very seriously. We are continuously working to identify, resolve, and prevent vulnerabilities to ensure a safe environment for our users.
We will continue to monitor and improve our solutions to maintain customer trust and the integrity of systems using our products.
Contact
For questions or additional information, please contact our technical support team:
? Email: suporte@qualitor.com.br
? Support Portal: https://qualitor.qualitorsoftware.com/qualitor/LoginUsuario.php

