Solarwinds DameWare Mini Remote Control Arbitrary Code Execution Vulnerability
Description
In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM. In version 12.1.0.89 remote attackers can request smart card login and upload and execute an arbitrary exeutable run under the Local System account. Versions prior to 12.1.0.34 contain remote buffer over-read and buffer overflow vulnerabilities.
Affected Applications
Solarwinds DameWare Mini Remote Control