Summary
ServletExec has a servlet called 'UploadServlet' in its server side classes. UploadServlet, when invokable, allows an attacker to upload any file to any directory on the server. The uploaded file may have code that can later be executed on the server, leading to remote command execution.
Solution
Remove it
Severity
Classification
-
CVE CVE-2000-1024 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Apple Safari RSS Feed Information Disclosure Vulnerability
- ARRIS 2307 Unprotected Web Console
- ActualAnalyzer Lite 'ant' Cookie Parameter Remote Command Execution Vulnerability
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- Arkeia Appliance Multiple Vulnerabilities