Arbitrary File Upload and Execution Vulnerability in Novell ZENworks Configuration Management (ZCM)

Arbitrary File Upload and Execution Vulnerability in Novell ZENworks Configuration Management (ZCM)

CVE-2015-0781 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to upload and execute arbitrary files via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.