CVE-2019-1584
published 2019-10-09CVE-2019-1584: A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for remote code execution if the Inspector were sent a malicious…
PriorityP358critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.84%
84.9th percentile
A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paloalto | zingbox_inspector | — | — |
| zingbox | inspector | <= 1.293 | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mfwq-256c-f254: A security vulnerability exists in Zingbox Inspector version 1
ghsa_unreviewed·2022-05-24
CVE-2019-1584 [CRITICAL] CWE-77 GHSA-mfwq-256c-f254: A security vulnerability exists in Zingbox Inspector version 1
A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint.
Palo Alto
Remote Command Injection in Zingbox Inspector
vendor_paloalto·2019-10-01·CVSS 9.8
CVE-2019-1584 [CRITICAL] CWE-20 Remote Command Injection in Zingbox Inspector
Remote Command Injection in Zingbox Inspector
A security vulnerability exists in Zingbox Inspector that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint. (Ref: CVE-2019-1584)
This vulnerability can only be triggered by malicous commands sent by the Zingbox cloud to the Zingbox Inspector software. The Zingbox Inspector is configured to connect only to an authorized Zingbox cloud, which is authenticated using PKI. The vulnerability allows for remote code execution only if the Zingbox Inspector or Zingbox cloud are tampered with in order to send malicious commands to the Zingbox Inspector software.
This issue affects Zingbox Inspector, versions 1.29
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-10-09
Published