On 30/11/2014, Pedro Ribeiro wrote:
> Hi,
>
> This is part 9 of the ManageOwnage series. For previous parts see [1].
>
>
>>> Technical details:
> Vulnerability: Arbitrary file download
> Constraints: unauthenticated in NetFlow; authenticated in IT360
> Affected versions: NetFlow v8.6 to v9.9; at l
Hi,
This is part 9 of the ManageOwnage series. For previous parts see [1].
Today we have yet another 0 day - an arbitrary file download
vulnerability that be exploited unauthenticated in NetFlow Analyzer
and authenticated in IT360.
I'm releasing this as a 0 day because ManageEngine have been maki