Lucene search

K

Netgain-systems Security Vulnerabilities

cve
cve

CVE-2018-10587

NetGain Enterprise Manager (EM) is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code...

7.2CVSS

7.3AI Score

0.002EPSS

2018-11-01 05:29 PM
20
cve
cve

CVE-2018-10586

NetGain Enterprise Manager (EM) is affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities in versions before...

4.8CVSS

5AI Score

0.001EPSS

2018-11-01 05:29 PM
20
cve
cve

CVE-2017-17407

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager v7.2.699 build 1001. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the content parameter provided...

9.8CVSS

9.7AI Score

0.029EPSS

2018-01-23 01:29 AM
27
cve
cve

CVE-2017-16608

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within exec.jsp. The issue results from the lack of proper validation of a...

9.8CVSS

9.7AI Score

0.031EPSS

2018-01-23 01:29 AM
23
cve
cve

CVE-2017-16607

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within heapdumps.jsp. The issue results from the lack of proper validation.....

7.5CVSS

7.4AI Score

0.009EPSS

2018-01-23 01:29 AM
19
cve
cve

CVE-2017-16610

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within upload_save_do.jsp. The issue results from the lack of proper validation of.....

9.8CVSS

9.7AI Score

0.074EPSS

2018-01-23 01:29 AM
23
cve
cve

CVE-2017-16609

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within download.jsp. The issue results from the lack of proper validation...

7.5CVSS

7.3AI Score

0.01EPSS

2018-01-23 01:29 AM
23
cve
cve

CVE-2017-16604

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw.....

6.5CVSS

6.5AI Score

0.002EPSS

2018-01-23 01:29 AM
21
cve
cve

CVE-2017-16605

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw.....

6.5CVSS

6.5AI Score

0.001EPSS

2018-01-23 01:29 AM
19
cve
cve

CVE-2017-17406

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within an exposed RMI registry, which listens on TCP ports 1800 and 1850 by...

9.8CVSS

9.8AI Score

0.027EPSS

2018-01-23 01:29 AM
24
cve
cve

CVE-2017-16606

This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The....

8.8CVSS

8.9AI Score

0.605EPSS

2018-01-23 01:29 AM
18
cve
cve

CVE-2017-16602

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS

9.1AI Score

0.124EPSS

2018-01-23 01:29 AM
18
cve
cve

CVE-2017-16597

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ requests. When parsing the.....

9.8CVSS

9.7AI Score

0.719EPSS

2018-01-23 01:29 AM
19
cve
cve

CVE-2017-16595

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific.....

6.5CVSS

6.5AI Score

0.007EPSS

2018-01-23 01:29 AM
21
cve
cve

CVE-2017-16591

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.699 build 1001. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific.....

6.5CVSS

6.5AI Score

0.007EPSS

2018-01-23 01:29 AM
27
cve
cve

CVE-2017-16599

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

6.5CVSS

6.7AI Score

0.006EPSS

2018-01-23 01:29 AM
19
cve
cve

CVE-2017-16592

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific.....

6.5CVSS

6.5AI Score

0.007EPSS

2018-01-23 01:29 AM
26
cve
cve

CVE-2017-16593

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

6.5CVSS

6.5AI Score

0.002EPSS

2018-01-23 01:29 AM
23
cve
cve

CVE-2017-16590

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of NetGain Systems Enterprise Manager 7.2.699 build 1001. User interaction is required to exploit this vulnerability. The specific flaw exists within the MainFilter servlet. The issue results from the...

8.8CVSS

8.9AI Score

0.024EPSS

2018-01-23 01:29 AM
21
cve
cve

CVE-2017-16601

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw.....

6.5CVSS

6.5AI Score

0.002EPSS

2018-01-23 01:29 AM
23
cve
cve

CVE-2017-16596

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific.....

6.5CVSS

6.5AI Score

0.007EPSS

2018-01-23 01:29 AM
18
cve
cve

CVE-2017-16603

This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The....

8.8CVSS

9AI Score

0.605EPSS

2018-01-23 01:29 AM
20
cve
cve

CVE-2017-16594

This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

6.5CVSS

6.8AI Score

0.002EPSS

2018-01-23 01:29 AM
23
cve
cve

CVE-2017-16598

This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed......

8.8CVSS

8.9AI Score

0.605EPSS

2018-01-23 01:29 AM
17
cve
cve

CVE-2017-16600

This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

6.5CVSS

6.5AI Score

0.001EPSS

2018-01-23 01:29 AM
23