2 matches found
CVE-2017-17407
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager v7.2.699 build 1001. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the content parameter provided ...
CVE-2017-17407
NetGain Systems Enterprise Manager v7.2.699 build 1001 is affected by a remote code execution vulnerability in the script_test.jsp endpoint, where a crafted content parameter can cause a system call execution using a user-supplied string. No authentication is required, enabling attackers to run c...