CyberSec.Space Logo
CVEブラウザに戻る

CVE-2000-1024

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0010%
EPSS Percentile34.12th
Published2000年12月11日
Last Modified2026年4月16日

Vulnerability Description

eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.

Affected Platforms (CPE)

📦
Unify

Ewave Servletexec

= 3.0c

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=97306581513537&w=2
🔗 http://www.securityfocus.com/bid/1876
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5450
🔗 http://marc.info/?l=bugtraq&m=97306581513537&w=2
🔗 http://www.securityfocus.com/bid/1876
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/5450

関連する脆弱性情報

CVE-2000-04987.5

Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP e...

CVE-2000-10255.0

eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a U...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...