Xorux Lpar2rrd Stor2rrd Remote Command Execution through File Upload
Xorux-critical-vulnerability CVE-2019-19041 Xorux Lpar2rrd Stor2rrd Remote Command Execution through File Upload (CVE-2019-19041) Gatien Goteni - BSI Group, 2019 There is a Remote Command Injection in the xorux lpar2rrd and stor2rrd applications via the “Tool upgrade” functionality The application does not correctly verify for the integrity of the upgrade package