2 matches found
CVE-2017-16608
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within exec.jsp. The issue results from the lack of proper validation of a...
CVE-2017-16608
Netgain Enterprise Manager is affected by a remote code execution vulnerability in exec.jsp caused by improper validation of a user-supplied string before invoking a system call. Pre-auth exploitation is possible, allowing an attacker to run code in the current user context over the network. The ...