ABB Cylon Aspect 3.08.00 (fileSystemUpdate.php) Insecure File Upload

A vulnerability exists in the fileSystemUpdate.php endpoint of the ABB BEMS controller due to improper handling of uploaded files. The endpoint lacks restrictions on file size and type, allowing attackers to upload excessively large or malicious files. This flaw could be exploited to cause Denial-of-Service (DoS) attacks, memory leaks, or buffer overflows, potentially leading to system crashes or further compromise.