Full title: Pulse Secure VPN Remote Code Execution Exploit 
Category: remote exploits
Platform: multiple
The Pulse Connect Secure appliance versions prior to 9.1R9 suffer from an uncontrolled gzip extraction vulnerability which allows an attacker to overwrite arbitrary files, resulting in remote code execution as root. Admin credentials are required for successful exploitation.

# 0day.today @ http://0day.today/