2 matches found
CVE-2017-16605
Summary: CVE-2017-16605 affects NetGain Systems Enterprise Manager 7.2.730 build 1034. The vulnerability is in the org.apache.jsp.u.jsp.db.save_005fattrs_jsp servlet (listening on port 8081 by default) and arises from improper validation of a user-supplied path in the id parameter, enabling a dir...
NetGain Systems Enterprise Manager db.save_005fattrs_jsp id Directory Traversal Arbitrary File Overwrite Vulnerability
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...