MidnightBSD

Advisories for hawt.io

CVE-2017-2617 MEDIUM

hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. An attacker could use this vulnerability to upload a crafted file which could be executed on a target machine where hawtio is deployed.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-434,

Products Affected

Vendor Product Version
hawt.io hawtio *