Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2019-15766
HistoryOct 03, 2019 - 9:15 p.m.

Remote code execution

2019-10-0321:15:00
PRIOn knowledge base
www.prio-n.com
6

8.7 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.9%

JSON

The KSLABS KSWEB (aka ru.kslabs.ksweb) application 3.93 for Android allows authenticated remote code execution via a POST request to the AJAX handler with the configFile parameter set to the arbitrary file to be written to (and the config_text parameter set to the content of the file to be created). This can be a PHP file that is written to in the public web directory and subsequently executed. The attacker must have network connectivity to the PHP server that is running on the Android device.

CPENameOperatorVersion
kswebeq3.93

Related

cve 1
cvelist 1
nvd 1
cve
cve
CVE-2019-15766
2019-10-03 21:15:10
cvelist
cvelist
CVE-2019-15766
2019-10-03 20:02:13
nvd
nvd
CVE-2019-15766
2019-10-03 21:15:10

8.7 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.9%

JSON
Related for PRION:CVE-2019-15766
cve1cvelist1nvd1