EUVD-2017-5617

Malware in sbrugna...

Aerohive Networks HiveManager Remote Shell Upload Exploit

Exploit for hardware platform in category web applications I. BACKGROUND Aerohive Networks HiveManager Classic Online NMS is a cloud-enabled enterprise-class management system for Aerohive networking products. HiveManager Classic Online offers simple policy creation, firmware upgrades, and...

Aerohive Networks HiveManager Remote Shell Upload

I. BACKGROUND Aerohive Networks HiveManager Classic Online NMS is a cloud-enabled enterprise-class management system for Aerohive networking products. HiveManager Classic Online offers simple policy creation, firmware upgrades, and centralized monitoring of thousands of Aerohive access points,...

CVE-2017-14105

HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An authenticated, local attacker - even restricted as a tenant - can add a jsp at...

Design/Logic Flaw

HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An authenticated, local attacker - even restricted as a tenant - can add a jsp at...

CVE-2017-14105

HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An authenticated, local attacker - even restricted as a tenant - can add a jsp at...

CVE-2017-14105

CVE-2017-14105 affects Aerohive HiveManager Classic through 8.1r1. A local, authenticated attacker (even Tenant-restricted) can abuse the Backup Archive Handler by modifying a backup archive prior to restore, because pathnames inside the archive are not validated. This allows placing a JSP web sh...

CVE-2017-14105

HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An authenticated, local attacker – even restricted as a tenant – can add a jsp at...

Struts2-045 Remote Code Execution Vulnerability in Aerohive Networks-HiveManager Online Web Management System

Aerohive Networks - HiveManager is an online web WEB management system. Aerohive Networks - HiveManager online web management system uses Struts2 framework as middleware, leading to a remote code execution vulnerability. This allows an attacker to gain server privileges by adding a payload for...

Aerohive Aerohive Network Device Management System suffers from s2-045 Remote Command Execution Vulnerability

Aerohive Networks HiveManager NMS is the management system for Aerohive's networking products.HiveManager enables simple policy creation, firmware upgrades, configuration updates, and centralized monitoring from a single console. Aerohive network equipment management system website packaging usin...