CVE-2017-16609
23.01.2018, 01:29
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within download.jsp. The issue results from the lack of proper validation of a user-supplied string before using it to download a file. An attacker can leverage this vulnerability to expose sensitive information. Was ZDI-CAN-4750.Enginsight
| Vendor | Product | Version |
|---|---|---|
| netgain-systems | enterprise_manager | 𝑥 < 7.2.766 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-39 - Path Traversal: 'C:dirname'An attacker can inject a drive letter or Windows volume letter ('C:dirname') into a software system to potentially redirect access to an unintended location or arbitrary file.
- CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorThe product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.