CVE-2026-24673: CWE-434: Unrestricted Upload of File with Dangerous Type in gunet openeclass
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, a file upload validation bypass vulnerability allows attackers to upload files with prohibited extensions by embedding them inside ZIP archives and extracting them using the application’s built-in decompression functionality. This issue has been patched in version 4.2.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2026-24673 affects the Open eClass platform, a widely used course management system, formerly known as GUnet eClass. In versions prior to 4.2, the platform improperly validates uploaded files, allowing attackers to circumvent file type restrictions by embedding disallowed file types within ZIP archives. When the application decompresses these archives using its built-in functionality, it extracts and stores files that should have been blocked, effectively bypassing the intended security controls. This vulnerability is categorized under CWE-434, which concerns unrestricted file upload of dangerous types. The CVSS v3.1 base score is 4.3 (medium severity), reflecting that the attack vector is network-based (AV:N), requires low privileges (PR:L), and no user interaction (UI:N). The impact is limited to integrity as attackers can upload potentially malicious files, which could be used for further attacks such as web shell deployment or defacement, but does not directly compromise confidentiality or availability. No known exploits are currently reported in the wild. The vulnerability was publicly disclosed on February 3, 2026, and fixed in Open eClass version 4.2. The lack of patch links suggests users should refer to official vendor resources for updates. The issue highlights the risks of insufficient file validation combined with decompression features in web applications handling user uploads.
Potential Impact
For European organizations, particularly educational institutions and universities using Open eClass, this vulnerability poses a risk of unauthorized file uploads that could lead to integrity breaches. Attackers could upload malicious scripts or executables disguised within ZIP files, potentially enabling web shell access or defacement of course materials. While confidentiality and availability impacts are limited, the integrity compromise could disrupt educational services and damage institutional reputation. Given the widespread use of Open eClass in Greece and other European countries, exploitation could affect sensitive academic data and user trust. The vulnerability could also serve as a foothold for lateral movement or further attacks within the network if combined with other vulnerabilities. Organizations failing to upgrade or implement compensating controls remain exposed to these risks.
Mitigation Recommendations
The primary mitigation is to upgrade Open eClass installations to version 4.2 or later, where the vulnerability has been patched. In addition, organizations should implement strict server-side validation of uploaded files, including verifying file extensions, MIME types, and scanning contents for malicious code before decompression. Disabling or restricting automatic decompression of user-uploaded archives can reduce risk. Employing application-layer firewalls or intrusion detection systems to monitor and block suspicious upload activity is recommended. Regularly auditing file upload directories and permissions can help detect and contain unauthorized files. Educating administrators about the risks of file upload vulnerabilities and maintaining timely patch management processes are essential to prevent exploitation.
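One way to apply the upload extension policy to every archive member before anything is extracted, as an added example (it is not Open eClass code and not the 4.2 patch). The extension lists, function names and sample archives are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Hypothetical policy: reuse the blocklist applied to direct uploads.
BLOCKED_EXTENSIONS = {"php", "phtml", "phar", "cgi", "pl", "sh", "exe", "htaccess"}
NESTED_ARCHIVES = {"zip", "tar", "gz", "7z", "rar"}


def member_violations(name):
    """Return the reasons one archive member name fails the upload policy."""
    reasons = []
    path = PurePosixPath(name.replace("\\", "/"))
    if path.is_absolute() or ".." in path.parts:
        reasons.append("path escapes extraction directory")
    # Check every dot-separated segment so 'x.phtml.jpg' and '.htaccess' are caught.
    segments = {s.lower() for s in path.name.split(".")[1:]}
    if segments & BLOCKED_EXTENSIONS:
        reasons.append("blocked extension")
    if segments & NESTED_ARCHIVES:
        reasons.append("nested archive")
    return reasons


def vet_archive(data):
    """Map each offending member to its reasons; an empty dict means extraction may proceed."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            reasons = member_violations(info.filename)
            if reasons:
                findings[info.filename] = reasons
    return findings


def build_zip(members):
    """Build a constructed sample archive in memory (test input only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in members:
            zf.writestr(name, b"constructed sample content")
    return buf.getvalue()
```

Reject the whole upload when `vet_archive` returns any finding, rather than extracting the remaining members.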
Affected Countries
Greece, Germany, France, Italy, Spain, United Kingdom
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-01-23T20:40:23.388Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6982fcd8f9fa50a62f7664a8
Added to database: 2/4/2026, 8:01:28 AM
Last enriched: 2/4/2026, 8:18:38 AM
Last updated: 2/7/2026, 2:31:13 AM