3 matches found
CVE-2017-16598
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed...
Design/Logic Flaw
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed...
CVE-2017-16598
The vulnerability CVE-2017-16598 affects NetGain Systems Enterprise Manager (7.2.730 build 1034). The flaw resides in the org.apache.jsp.u.jsp.tools.snmpwalk.snmpwalk_005fdo_jsp servlet (listening on port 8081 by default). It fails to validate a user-supplied ip path before using it in file opera...