eWave ServletExec 3.0C and previous versions does not restrict access to the UploadServlet Java/JSP servlet, which allows remote malicious users to upload files and execute arbitrary commands.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
unify ewave servletexec 3.0c |