Critical severityNVD Advisory· Published Dec 11, 2025· Updated Apr 15, 2026
CVE-2024-58298
CVE-2024-58298
Description
Compuware iStrobe Web 20.13 contains a pre-authentication remote code execution vulnerability that allows unauthenticated attackers to upload malicious JSP files through a path traversal in the file upload form. Attackers can exploit the 'fileName' parameter to upload a web shell and execute arbitrary commands by sending POST requests to the uploaded JSP endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2=20.13+ 1 more
- (no CPE)range: =20.13
- (no CPE)range: =20.13
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.