Vulnerabilities

CVE-2021-33523

by Fred · 30/03/2022

MashZone NextGen through 10.7 GA allows a remote authenticated user, with access to the admin console, to upload a new JDBC driver that can execute arbitrary commands on the underlying host. This occurs in com.idsscheer.ppmmashup.business.jdbc.DriverUploadController.

Date published : 2022-03-30

https://github.com/blackarrowsec/advisories/tree/master/2021/CVE-2021-33523

https://www.softwareag.com/corporate/products/az/mashzone_nextgen/default

Similar

Tags: Cybersecurity Alert