CVE-2019-17327

Name of the Vulnerable Software and Affected Versions JEUS versions 7.0 through 7.5 JEUS versions 8.0 through 8.1

Description The issue is caused by an improper input parameter check when uploading an installation file in the administration web page, leading to a directory traversal vulnerability. This allows a remote attacker to execute arbitrary code via an uploaded file.

Recommendations For JEUS versions 7.0 through 7.5, update to a version that includes the fix for the directory traversal vulnerability. For JEUS versions 8.0 through 8.1, update to a version that includes the fix for the directory traversal vulnerability. As a temporary workaround, consider restricting access to the administration web page to minimize the risk of exploitation.