Lucene search
Sghctoma /praudit/ZDI-14-372HistoryNov 03, 2014 - 12:00 a.m.
(0Day) Visual Mining NetCharts Server File Upload Remote Code Execution Vulnerability
2014-11-0300:00:00
sghctoma /praudit/
www.zerodayinitiative.com
11
0.965 High
EPSS
Percentile
99.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Visual Mining NetCharts Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of file uploads. The issue lies in the failure to sanitize the path of files uploaded, allowing for them to be placed within directories accessible through the service. An attacker can leverage this vulnerability to execute code as SYSTEM.
Related
cve
cve
CVE-2014-8516
2020-01-03 21:15:11
nvd
nvd
CVE-2014-8516
2020-01-03 21:15:11
zdt
zdt
Visual Mining NetCharts Server Remote Code Execution Exploit
2014-11-07 00:00:00
packetstorm
packetstorm
Visual Mining NetCharts Server Remote Code Execution
2014-11-07 00:00:00
prion
prion
Unrestricted file upload
2020-01-03 21:15:00
nessus
nessus
Visual Mining NetCharts Server Arbitrary File Upload
2014-12-17 00:00:00
checkpoint_advisories
checkpoint_advisories
dsquare
dsquare
Visual Mining NetCharts Server 7.0 File Upload
2014-11-13 00:00:00
cvelist
cvelist
CVE-2014-8516
2020-01-03 20:08:32