메뉴 건너뛰기

GREATUSER

cve

CVE-2017-16610

관리자 2018.01.25 04:00 조회 수 : 11

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within upload_save_do.jsp. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of the current user. Was ZDI-CAN-4751.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16610
번호 제목 글쓴이 날짜 조회 수
572 CVE-2017-0026 관리자 2017.03.18 0
571 CVE-2017-0030 관리자 2017.03.18 0
570 CVE-2017-0040 관리자 2017.03.18 0
569 CVE-2017-0039 관리자 2017.03.18 0
568 CVE-2017-0043 관리자 2017.03.18 0
567 CVE-2017-0050 관리자 2017.03.18 0
566 CVE-2017-0066 관리자 2017.03.18 0
565 CVE-2017-0069 관리자 2017.03.18 0
564 CVE-2017-0094 관리자 2017.03.18 0
563 CVE-2017-0095 관리자 2017.03.18 0
562 CVE-2017-0096 관리자 2017.03.18 0
561 CVE-2017-0084 관리자 2017.03.18 0
560 CVE-2017-0086 관리자 2017.03.18 0
559 CVE-2017-0098 관리자 2017.03.18 0
558 CVE-2017-0088 관리자 2017.03.18 0
위로