
Notes by d171689a

 @663e5b60 I am equally concerned about CVE-2023-42657. CVE-2023-40044 only affects those with the ad-hoc file transfer service, but the directory traversal potentially affects everyone. 

That said, I have read others say the exploit for CVE-2023-40044 is fairly trivial (not sure if that's true), but I have read nothing about reproducing CVE-2023-42657. 
 From the Retool incident (related to those Okta attacks from last month):

"The caller claimed to... 
 @14abadff I would be curious to hear more about how Retool's incident is related to the recent attacks on Okta customers.