CVE ID
CVE-2017-7281
DESCRIPTION
An issue in recoveryconsole/bpl/reports.php allowed a remote user to write arbitrary data to a report file and subsequently execute the file as a php script.
RESOLUTION
Unitrends Risk Assessment: None.
Resolved with latest security update as of 04/17/2017.
LINK TO ADVISORIES
NOTES