CVE-2026-2701

Unknown · Affected Software

An authenticated file upload vulnerability allows attackers to upload and execute malicious files, leading to remote code execution on the server.

Executive summary

An authenticated remote code execution vulnerability exists due to improper file upload restrictions, allowing users to compromise the host server by executing malicious scripts.

Vulnerability

The application fails to properly validate the contents and extensions of uploaded files. An authenticated user can bypass existing checks to upload a malicious script (such as a web shell) and execute it, resulting in full Remote Code Execution (RCE).

Business impact

Although exploitation requires authentication, the impact is critical because any user with upload privileges can escalate their access to the server level. This can lead to lateral movement within the network, data exfiltration, and the installation of persistent malware, justifying the CVSS score of 9.1.

Remediation

Immediate Action: Update the affected software to the latest version and implement strict file-type validation (MIME-type and extension) for all upload fields.

Proactive Monitoring: Audit all recently uploaded files in the application's storage directories for suspicious scripts (.php, .asp, .exe) and review web server execution logs.

Compensating Controls: Configure the upload directory with "no-execute" permissions at the web server level and utilize an antivirus/malware scanner to inspect all incoming files.
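
The Proactive Monitoring step above, sketched as an added example (not code from the vendor or from this advisory): it walks an upload directory and flags recently modified files whose name carries one of the listed extensions, including double extensions, or whose content looks like a script or executable. The content markers, the 30-day window, the function names and the sample tree are assumptions made for illustration.

```python
import os
import tempfile
import time
from pathlib import Path

# Extensions named in the advisory; every suffix is checked, so "x.php.jpg" is caught.
SUSPICIOUS_EXTS = {".php", ".asp", ".exe"}
# Assumed content markers for script code stored under a harmless extension.
SCRIPT_MARKERS = (b"<?php", b"<?=", b"<%@")

def audit_uploads(root, max_age_days=30, now=None):
    """Return sorted (relative_path, reason) pairs for recently modified files."""
    cutoff = (time.time() if now is None else now) - max_age_days * 86400
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.stat().st_mtime < cutoff:
            continue
        rel = path.relative_to(root).as_posix()
        with path.open("rb") as fh:
            head = fh.read(4096)  # only the start of the file is inspected
        hit = {s.lower() for s in path.suffixes} & SUSPICIOUS_EXTS
        if hit:
            findings.append((rel, "extension " + ",".join(sorted(hit))))
        elif head[:2] == b"MZ":  # Windows executable header
            findings.append((rel, "executable header"))
        elif any(m in head.lower() for m in SCRIPT_MARKERS):
            findings.append((rel, "script marker in content"))
    return sorted(findings)

def demo():
    """Run the audit over a constructed upload tree (sample data, not real files)."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "avatars/cat.jpg": b"\xff\xd8\xff\xe0 constructed image bytes",
            "avatars/shell.PHP": b"constructed placeholder",
            "docs/invoice.php.jpg": b"\xff\xd8\xff\xe0 constructed image bytes",
            "docs/notes.txt": b"constructed text <?php /* placeholder */ ?>",
            "docs/old.asp": b"constructed placeholder",
        }
        for name, data in samples.items():
            target = Path(root, name)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
        old = time.time() - 90 * 86400
        os.utime(Path(root, "docs/old.asp"), (old, old))  # outside the window: skipped
        return audit_uploads(root)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Findings are leads for manual review rather than verdicts; a hit on a file that is also requested in the web server logs deserves priority.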

Exploitation status

Public Exploit Available: No

Analyst recommendation

Organizations should immediately apply the available patch to secure the file upload mechanism. Furthermore, the principle of least privilege should be applied to ensure that only necessary users have file upload permissions, reducing the overall attack surface.