CVE-2019-13551
N/A
N/A
Summary
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage these vulnerabilities to remotely execute code while posing as an administrator.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Advantech WISE-PaaS/RMM | Versions 3.3.29 and prior | affected |
Weaknesses
- CWE-22: IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22
ADP Enrichment
CVE Program Container
Additional References
- https://www.us-cert.gov/ics/advisories/icsa-19-304-01
- https://www.zerodayinitiative.com/advisories/ZDI-19-935/
- https://www.zerodayinitiative.com/advisories/ZDI-19-950/
- https://www.zerodayinitiative.com/advisories/ZDI-19-941/
- https://www.zerodayinitiative.com/advisories/ZDI-19-958/
References
- https://www.us-cert.gov/ics/advisories/icsa-19-304-01
- https://www.zerodayinitiative.com/advisories/ZDI-19-935/
- https://www.zerodayinitiative.com/advisories/ZDI-19-950/
- https://www.zerodayinitiative.com/advisories/ZDI-19-941/
- https://www.zerodayinitiative.com/advisories/ZDI-19-958/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.