|
Family: CGI abuses --> Category: infos
Unify eWave ServletExec 3.0C file upload Vulnerability Scan
Vulnerability Scan Summary Unify eWave ServletExec 3.0C file upload
Detailed Explanation for this Vulnerability Test
ServletExec has a servlet called 'UploadServlet' in its server
side classes. UploadServlet, when invokable, allows an
attacker to upload any file to any directory on the server. The
uploaded file may have code that can later be executed on the
server, leading to remote command execution.
Solution : Remove it
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|