As is probably obvious to other readers, I did indeed notify NNT by
email of the vulnerability before making it public - as mentioned in
my initial disclosue. I'm not sure what possible reason anyone would
have to say that if it were not true.
Glad to see you apparently did the right thing and
Background
--
NNT Change Tracker Enterprise is a commercial product created by
UK-based New Net Technologies, and is designed to detect changes to
PC, server and network device configurations. The central component
'Core Server' is sent change data from 'Remote Angels' that monitor
remote