CVE-2019-19459
published 2019-12-03CVE-2019-19459: An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files…
PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
3.51%
87.7th percentile
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| saltosystem | proaccess_space | <= 5.5 | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-v5mw-2gc6-7h62: An issue was discovered in SALTO ProAccess SPACE 5
ghsa_unreviewed·2022-05-24·CVSS 8.6
CVE-2019-19460 [HIGH] GHSA-v5mw-2gc6-7h62: An issue was discovered in SALTO ProAccess SPACE 5
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to every single path on the file system, because the webserver is running with the highest privileges available.
GHSA
GHSA-pm2v-2gwc-36m2: An issue was discovered in SALTO ProAccess SPACE 5
ghsa_unreviewed·2022-05-24·CVSS 8.6
CVE-2019-19459 [HIGH] CWE-20 GHSA-pm2v-2gwc-36m2: An issue was discovered in SALTO ProAccess SPACE 5
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://packetstormsecurity.com/files/155525/SALTO-ProAccess-SPACE-5.5-Traversal-File-Write-XSS-Bypass.htmlhttps://sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-salto-proaccess-space/https://packetstormsecurity.com/files/155525/SALTO-ProAccess-SPACE-5.5-Traversal-File-Write-XSS-Bypass.htmlhttps://sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-salto-proaccess-space/
2019-12-03
Published