CVE-2019-25257

Summary

LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command, ocr.Tesseract.path, and other system paths to execute arbitrary system commands with elevated privileges.

Affected Software

VendorProductVersion RangeStatus
LogicalDOC SrlLogicalDOC Enterprise7.7.4affected
LogicalDOC SrlLogicalDOC Enterprise7.7.3affected
LogicalDOC SrlLogicalDOC Enterprise7.7.2affected
LogicalDOC SrlLogicalDOC Enterprise7.7.1affected
LogicalDOC SrlLogicalDOC Enterprise7.6.4affected
LogicalDOC SrlLogicalDOC Enterprise7.6.2affected
LogicalDOC SrlLogicalDOC Enterprise7.5.1affected
LogicalDOC SrlLogicalDOC Enterprise7.4.2affected
LogicalDOC SrlLogicalDOC Enterprise7.1.1affected

Weaknesses

  • CWE-426: Untrusted Search Path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

Additional References

References