JVN#01404851: Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to remote code execution

2017-06-06T00:00:00
ID JVN:01404851
Type jvn
Reporter Japan Vulnerability Notes
Modified 2017-06-06T00:00:00

Description

## Description

AppGoat provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN (IPA) is a hands-on vulnerability learning tool. Hands-on Vulnerability Learning Tool "AppGoat" for Web Application contains a remote code execution vulnerability.

## Impact

When accessing a specially crafted URL, an arbitrary code may be executed on the server.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier