CRITICAL
Zohocorp
CVE published 2017-01-23
CVE-2016-6600
CVE-2016-6600 is a critical directory traversal flaw in ZOHO WebNMS Framework file upload handling. According to the supplied NVD record, the issue affects WebNMS Framework 5.2 and 5.2 SP1 and can allow remote attackers to upload and execute arbitrary JSP files through the fileName parameter in servlets/FileUploadServlet.