3 matches found
CVE-2019-2557
creationtimestamp| type| source ---|---|--- 2019-05-24 12:00:04+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/oatsdownloadservlettraversal.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:15+00:00|...
CVE-2019-2557
CVE-2019-2557 affects the Oracle Application Testing Suite (OATS) Load Testing for Web Apps, specifically version 13.3.0.1. The Red Hat/Oracle records describe a post-auth vulnerability in the DownloadServlet used to serve templates (mapped at /download). An authenticated (post-auth) attacker can...
Oracle Application Testing Suite DownloadServlet Directory Traversal Remote Code Execution
Oracle Application Testing Suite versions 13.3.0.1 and prior are vulnerable to a directory traversal attack. An attacker could leverage this to steal sensitive credentials, decrypt them, gain privileges, and get remote code execution. Recent assessments: wchen-r7 at May 09, 2019 5:57pm UTC...