메뉴 건너뛰기

GREATUSER

cve

CVE-2017-16610

관리자 2018.01.25 04:00 조회 수 : 11

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within upload_save_do.jsp. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of the current user. Was ZDI-CAN-4751.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16610
번호 제목 글쓴이 날짜 조회 수
542 CVE-2018-1000013 관리자 2018.01.25 9
541 CVE-2018-1000011 관리자 2018.01.25 11
540 CVE-2018-1000010 관리자 2018.01.25 10
539 CVE-2018-1000009 관리자 2018.01.25 9
538 CVE-2018-1000008 관리자 2018.01.25 10
537 CVE-2018-6029 관리자 2018.01.25 12
536 CVE-2017-18048 관리자 2018.01.25 9
535 CVE-2018-6022 관리자 2018.01.25 137
534 CVE-2017-18049 관리자 2018.01.25 9
533 CVE-2017-17406 관리자 2018.01.25 13
532 CVE-2017-17407 관리자 2018.01.25 10
» CVE-2017-16610 관리자 2018.01.25 11
530 CVE-2017-16606 관리자 2018.01.25 11
529 CVE-2017-16604 관리자 2018.01.25 14
528 CVE-2017-16607 관리자 2018.01.25 12
위로