SAP NetWeaver Directory Traversal (CVE-2020-6286; CVE-2020-6287)

A directory traversal vulnerability exists in SAP NetWeaver. Successful exploitation of this vulnerability could lead to disclosure of file contents accessible by the prime user...

Cisco Prime Infrastructure and EPNM Directory Traversal (CVE-2019-1819)

A directory traversal vulnerability exists in Cisco Prime Infrastructure and Evolved Programmable Network Manager. The vulnerability is due to a lack of proper validation of a user-supplied path prior to using it in file operations. Successful exploitation results in the disclosure of file conten...

Cisco Prime Infrastructure swimtemp TFTP Arbitrary File Upload (CVE-2018-15379)

An arbitrary file upload vulnerability exists in Cisco Prime Infrastructure. The vulnerability is due to the presence of a symbolic link permitting the upload of files into a location where they can be later executed. Successful exploitation could result in the execution of arbitrary code in the...

SRC-2019-0037 : Cisco Prime Infrastructure XmpMultiPathDownloadServlet Directory Traversal Information Disclosure Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Cisco Prime Infrastructure. Authentication is required to exploit this vulnerability. The specific flaw exists within the XmpMultiPathDownloadServlet servlet. The iss...

CVE-2018-15379

A vulnerability in which the HTTP web server for Cisco Prime Infrastructure PI has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of the user prime. This...