Apache NetBeans CVE-2018-17191 Remote Command Execution Vulnerability

Apache NetBeans is prone to a remote command-execution vulnerability.

Exploiting this issue could allow an attacker to execute arbitrary commands in the context of the affected application.

NetBeans 9.0 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 106352
Class: Input Validation Error
CVE: CVE-2018-17191

Remote: Yes
Local: No
Published: Dec 30 2018 12:00AM
Updated: Dec 30 2018 12:00AM
Credit: Moritz Bechler
Vulnerable: Apache NetBeans 9.0

Not Vulnerable: Apache NetBeans 10.0

Exploit

An attacker can exploit this issue using readily available tools.

References:

Apache Homepage (Apache)
[CVE-2018-17191] Apache NetBeans 9.0 Proxy Auto-Configuration (PAC) interpretati (Seclists.org)

Source: www.securityfocus.com

Exploit Collector

Search Exploit