Cisco WAAS Mobile Server < 3.5.5 Remote Code Execution
High Nessus Plugin ID 71841
SynopsisAn application on the remote host is affected by a remote code execution vulnerability.
DescriptionThe remote host has a version of Cisco WAAS Mobile Server prior to version 3.5.5. It is, therefore, affected by a remote code execution vulnerability that can be triggered via a specially crafted HTTP POST request with a directory traversal string to the ReportReceiver.
SolutionUpgrade to Cisco WAAS Mobile Server 3.5.5 or later.