6 matches found
CVE-2019-25468
NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the scripttest.jsp endpoint. Attackers can send POST requests with shell commands embedded in the 'content'...
CVE-2019-25468
CVE-2019-25468 affects NetGain EM Plus 10.1.68. It enables unauthenticated remote code execution via the script_test.jsp endpoint; an attacker can send POST requests with a malicious shell command embedded in the content parameter to execute code and retrieve output. The vulnerability is describe...
CVE-2019-25468 NetGain EM Plus 10.1.68 Remote Code Execution via script_test.jsp
NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the scripttest.jsp endpoint. Attackers can send POST requests with shell commands embedded in the 'content'...
NetGain EM Plus 安全漏洞
NetGain EM Plus is a network and system management software developed by NetGain Company in Singapore. Version 10.1.68 of NetGain EM Plus contains a security vulnerability. This vulnerability stems from the parameter handling in the scripttest.jsp endpoint, which may allow unverified attackers to...
CVE-2017-17407
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager v7.2.699 build 1001. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the content parameter provided ...
CVE-2017-17407
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager v7.2.699 build 1001. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the content parameter provided ...