In IXP EasyInstall 6.2.13723, there is Directory Traversal on TCP port 8000 via the Engine Service by an unauthenticated attacker, who can access the server's filesystem with the access rights of NT AUTHORITY\SYSTEM.
References
Link | Resource |
---|---|
https://improsec.com/tech-blog/multiple-vulnerabilities-in-easyinstall-rmm-and-deployment-software | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-23T20:55:25
Updated: 2020-01-23T20:55:25
Reserved: 2019-12-18T00:00:00
Link: CVE-2019-19893
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-01-23T21:15:12.520
Modified: 2020-01-29T20:50:30.290
Link: CVE-2019-19893
JSON object: View
Redhat Information
No data.
CWE