Remote Code Execution via File Upload in Hawtio

Remote Code Execution via File Upload in Hawtio

CVE-2017-2617 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a crafted file which could be executed on a target machine where hawtio is deployed.

Learn more about our Web Application Penetration Testing UK.