CVE-2014-9373 Information

Description

Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote attackers to execute arbitrary code via a .. (dot dot) in the filename.

Reference

http://www.zerodayinitiative.com/advisories/ZDI-14-422/