The host is installed with Apache Tomcat 7.x before 7.0.40 and is prone to unrestricted file upload vulnerability. A flaw is present in the application, which fails to properly handle outdated java.io.File code and a custom JMX configuration. Successful exploitation allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.