WebNMS Framework Multiple Vulnerabilities

WebNMS is an industry-leading framework for building network management applications.

Multiple vulnerabilities including Remote Code Execution, File Download and Weak Encryption have been identified in WebNMS Framework.

Affected Versions:
WebNMS Framework version 5.2 SP1
WebNMS Framework version 5.2, prior versions may also be affected

An unauthenticated remote attacker can exploit these vulnerabilities to download files from target system, upload malicious files to execute arbitrary code on the target, hijack 'root' user's session or steal users' passwords.

The vendor has not fixed these vulnerabilities. Please contact WebNMS to fix these vulnerabilities.