Lucene search

Lenovo Thinkmanagement Console Security Vulnerabilities - February

cve

CVE-2012-1195

Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore com...

7.7AI Score

0.152EPSS

2012-02-18 12:55 AM

111

cve

CVE-2012-1196

Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. (dot dot) in the filename parameter in a SetTaskLogByFile SOAP request.

6.9AI Score

0.127EPSS

2012-02-18 12:55 AM

114