CVE-2017-16605
Last modified
CVE-2017-16605 is a vulnerability of currently unknown severity. This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. EPSS estimates a 2.48% chance of exploitation in the next 30 days.
Description
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.db.save_005fattrs_jsp servlet, which listens on TCP port 8081 by default. When parsing the id parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5196.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Netgain-Systems | Enterprise Manager | 7.2.730 |
References
- http://www.securityfocus.com/bid/102512Third Party Advisory, VDB Entry
- https://zerodayinitiative.com/advisories/ZDI-17-970Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/102512Third Party Advisory, VDB Entry
- https://zerodayinitiative.com/advisories/ZDI-17-970Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-16605?
How severe is CVE-2017-16605?
How do I fix CVE-2017-16605?
Are you affected by CVE-2017-16605?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST