Lucene search
K

4 matches found

0day.today
0day.today
added 2017/09/09 12:0 a.m.67 views

Aerohive Networks HiveManager Remote Shell Upload Exploit

Exploit for hardware platform in category web applications I. BACKGROUND Aerohive Networks HiveManager Classic Online NMS is a cloud-enabled enterprise-class management system for Aerohive networking products. HiveManager Classic Online offers simple policy creation, firmware upgrades, and...

7.2CVSS7.6AI score0.013EPSS
Exploits3
Packet Storm
Packet Storm
added 2017/09/08 12:0 a.m.68 views

Aerohive Networks HiveManager Remote Shell Upload

I. BACKGROUND Aerohive Networks HiveManager Classic Online NMS is a cloud-enabled enterprise-class management system for Aerohive networking products. HiveManager Classic Online offers simple policy creation, firmware upgrades, and centralized monitoring of thousands of Aerohive access points,...

0.4AI score0.013EPSS
Exploits3
NVD
NVD
added 2017/09/01 5:29 p.m.11 views

CVE-2017-14105

HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An authenticated, local attacker - even restricted as a tenant - can add a jsp at...

7.8CVSS7.8AI score0.013EPSS
Exploits3References1
CVE
CVE
added 2017/09/01 5:0 p.m.54 views

CVE-2017-14105

CVE-2017-14105 affects Aerohive HiveManager Classic through 8.1r1. A local, authenticated attacker (even Tenant-restricted) can abuse the Backup Archive Handler by modifying a backup archive prior to restore, because pathnames inside the archive are not validated. This allows placing a JSP web sh...

7.8CVSS7.7AI score0.013EPSS
Exploits3References1Affected Software1
Rows per page
Query Builder