CVE-2012-1195

Name of the Vulnerable Software and Affected Versions Lenovo ThinkManagement Console version 9.0.3

Description The issue allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request to the /ServerSetup.asmx API endpoint, and then accessing the file via a direct request to the file in the web root.

Recommendations For Lenovo ThinkManagement Console version 9.0.3, consider restricting access to the ServerSetup.asmx web service to minimize the risk of exploitation. Avoid using the PutUpdateFileCore command in RunAMTCommand SOAP requests until the issue is resolved. Restrict file uploads to only allow non-executable file extensions.