Summary: Solar Winds Firewall Security Manager was observed to be vulnerable, recently. While following up on this we stumbled upon a public exploit for CVE-2015-2284, userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code. Description: The vulnerability is a source code disclosure related to the underlying Java application … Continue reading “SolarWinds Firewall Security Manager userlogin.jsp Remote Code Execution Vulnerability (CVE-2015-2284)”
