2 matches found
CVE-2017-16600
This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...
CVE-2017-16600
NetGain Systems Enterprise Manager 7.2.730 build 1034 is affected by CVE-2017-16600 due to a directory traversal in the org.apache.jsp.u.jsp.reports.templates.network.traffic_005freport_jsp servlet. The flaw occurs when parsing the filename parameter, which is used for file operations without pro...