2 matches found
CVE-2017-16602
CVE-2017-16602 affects NetGain Systems Enterprise Manager 7.2.730 build 1034. The vulnerability is in the org.apache.jsp.u.jsp.tools.exec_jsp servlet (listening on port 8081 by default) where the command parameter is not properly validated before being used in a system call, allowing remote code ...
NetGain Systems Enterprise Manager exec_jsp Command Execution (CVE-2017-16602)
A command execution vulnerability exists in NetGain Systems Enterprise Manager. The vulnerability is due improper validation of command HTTP parameter. A remote, authenticated attacker can exploit this vulnerability by sending crafted requests to a vulnerable server...