Vulnerability in Unify Ewave_servletexec
CVE-2000-1024
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.
EPSS: 0.051 (91.3th percentile) — read the EPSS interpretation.
Affected products
- Unify Ewave_servletexec — versions 3.0c
- N/a — versions n/a
References
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)