Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 23/01/2020 Updated: 29/01/2020

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 9.9 | Impact Score: 6 | Exploitability Score: 3.1

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

In IXP EasyInstall 6.2.13723, there is Remote Code Execution via weak permissions on the Engine Service share. The default file permissions of the IXP$ share on the server allows modification of directories and files (e.g., bat-scripts), which allows execution of code in the context of NT AUTHORITY\SYSTEM on the target server and clients.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ixpdata easyinstall 6.2.13723

CWE-276 https://improsec.com/tech-blog/multiple-vulnerabilities-in-easyinstall-rmm-and-deployment-software https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-19896

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect