Remote Code Execution via File Upload in Hawtio
CVE-2017-2617 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a crafted file which could be executed on a target machine where hawtio is deployed.
Learn more about our Web Application Penetration Testing UK.