CVE-2019-25468
Received Received - Intake
Remote Code Execution in NetGain EM Plus via script_test.jsp

Publication date: 2026-03-11

Last updated on: 2026-03-11

Assigner: VulnCheck

Description
NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the script_test.jsp endpoint. Attackers can send POST requests with shell commands embedded in the 'content' parameter to execute code and retrieve command output.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-11
Last Modified
2026-03-11
Generated
2026-06-16
AI Q&A
2026-03-11
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25468
EUVD
EUVD-2019-19740
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
netgain em_plus 10.1.68
netgain em_plus to 10.1.68 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "This vulnerability exists in NetGain EM Plus version 10.1.68 and earlier, where an unauthenticated attacker can remotely execute arbitrary system commands. The flaw is in the script_test.jsp endpoint, which improperly validates input parameters. By sending a specially crafted HTTP POST request with shell commands embedded in the 'content' parameter, an attacker can execute commands on the server and retrieve their output."}, {'type': 'paragraph', 'content': "The exploit involves sending POST requests with parameters such as 'type=sh' and 'content' containing shell commands wrapped between unique markers to delimit command output. This allows remote code execution without authentication."}] [1]

Impact Analysis

This vulnerability can have severe impacts as it allows unauthenticated attackers to execute arbitrary commands on the affected system remotely. This can lead to full system compromise, unauthorized data access, data modification, disruption of services, and potentially the deployment of malware or ransomware.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by sending a specially crafted HTTP POST request to the vulnerable endpoint `/u/jsp/designer/script_test.jsp` on the target server.'}, {'type': 'paragraph', 'content': 'The POST request should have the content-type `application/x-www-form-urlencoded` and include parameters such as `type=sh` and `content` containing shell commands wrapped between unique markers (e.g., `0xdeadnoob`) to delimit command output.'}, {'type': 'paragraph', 'content': 'A sample command to test for the vulnerability could be a curl command like:'}, {'type': 'list_item', 'content': 'curl -k -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "type=sh&content=echo 0xdeadnoob;id;echo 0xdeadnoob" https://target-server/u/jsp/designer/script_test.jsp'}, {'type': 'paragraph', 'content': 'If the server responds with HTTP status 200 and the output of the `id` command wrapped between the markers, it indicates the presence of the vulnerability.'}] [1]

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25468. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart