Laminar Research X-Plane OS Command Injection Vulnerability

Laminar Research X-Plane is a flight simulator from the American company Laminar Research. An operating system command injection vulnerability exists in Laminar Research X-Plane version 11.41 and prior versions, which stems from the program failing to perform proper path checking. The vulnerabili...

CVE-2019-19606

X-Plane before 11.41 has multiple improper path validations that could allow reading and writing files from/to arbitrary paths or a leak of OS credentials to a remote system via crafted network packets. This could be used to execute arbitrary commands on the system...