CVE-2024-39717CISA KEVEPSS p89.2%

CVE-2024-39717Versa Director Dangerous File Type Upload Vulnerability

Versa / Director

Description

The Versa Director GUI contains an unrestricted upload of file with dangerous type vulnerability that allows administrators with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin privileges to customize the user interface. The “Change Favicon” (Favorite Icon) enables the upload of a .png file, which can be exploited to upload a malicious file with a .png extension disguised as an image.

Scoring

EPSS4.01% probability of exploitation · percentile 89.2% · 2026-06-19T12:03:05Z

CISA KEV entry

Added to KEV: 2024-08-23

(incoming)1

TypeTargetConfidenceTier
KEVEntryVersa Director Dangerous File Type Upload Vulnerabilitykev-cve-2024-397170%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Advantive VeraCore Unrestricted File Upload Vulnerability
CVE
CVE-2025-48017
CVE
CVE-2025-27683
CVE
CVE-2026-41938
CVE
CVE-2025-49414
CVE
CVE-2026-21628
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.