Full title: ABB Cylon Aspect 3.08.01 networkDiagAjax.php Remote Network Utility Execution Vulnerability Category: web applications Platform: php ABB Cylon Aspect version 3.08.01 allows an unauthenticated attacker to perform network operations such as ping, traceroute, or nslookup on arbitrary hosts or IPs by sending a crafted GET request to networkDiagAjax.php. This could be exploited to interact with or probe internal or external systems, leading to internal information disclosure and misuse of network resources. # 0day.today @ http://0day.today/