SUMMARY
The following vulnerability was found in LISTSERV Maestro 9.0-8 and prior.
A unauthenticated remote code execution vulnerability was found in the LISTSERV Maestro software, version 9.0-8 and prior. This vulnerability stems from a known issue in struts, CVE-2010-1870, that allows for code execution via OGNL Injection. This vulnerability has been confirmed to be exploitable in both the Windows and Linux version of the software and has existed in the LISTSERV Maestro software since at least version 8.1-5.
IMPACT
Access Vector: REMOTE
Access Complexity: LOW
Authentication: NOT REQUIRED TO EXPLOIT
Impact Type: CODE EXECUTION
Privilege Level: VARIES