An issue exists in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an malicious user to execute arbitrary commands on the server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
saltosystem proaccess space |