3 matches found
CVE-2014-9373
Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote attackers to execute arbitrary code via a .. dot dot in the filename...
CVE-2014-9373
CVE-2014-9373 : A directory traversal vulnerability in the CollectorConfInfoServlet of ManageEngine NetFlow Analyzer allows remote code execution via a .. path component in uploaded filenames. Public sources (ZDI-14-422, NVD entry) describe that the flaw enables code execution with SYSTEM context...
Netflow Analyzer Arbitrary File Download
An attacker can exploit this issue using directory-traversal strings to view files in the context of the web server process. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...