Arbitrary File Creation and Code Execution Vulnerability in AlienVault OSSIM SOAP Service

Arbitrary File Creation and Code Execution Vulnerability in AlienVault OSSIM SOAP Service

CVE-2014-4151 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code via a crafted set_file request.

Learn more about our Web Application Penetration Testing UK.