An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-12-03T19:02:20
Updated: 2024-08-05T02:16:47.288Z
Reserved: 2019-11-29T00:00:00
Link: CVE-2019-19459
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-12-03T20:15:11.543
Modified: 2024-11-21T04:34:46.807
Link: CVE-2019-19459
Redhat
No data.