2 matches found
NetGain Systems Enterprise Manager Insecure Deserialization (CVE-2017-17406)
An insecure deserialization vulnerability exists in the NetGain Systems Enterprise Manager. The vulnerability is due to the lack of input validation on objects in the RMI Registry before deserializing them. Successful exploitation can result in arbitrary code execution on the affected system...
CVE-2017-17406
Netgain Enterprise Manager is affected by an insecure deserialization vulnerability in its RMI Registry. The issue arises from improper validation of user-supplied data, allowing remote code execution with no authentication through the exposed RMI service listening on TCP ports 1800 and 1850. Thi...