Optergy Proton/Enterprise - Unauthenticated RCE via Backdoor Console

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console. id: CVE-2019-7276 info: name: Optergy Proton/Enterprise - Unauthenticated RCE via Backdoor Console author: daffainfo severity: critical description: | Optergy Proton/Enterprise devices allow Remote Root Cod...

CVE-2019-7276

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console...

VulnCheck KEV: CVE-2019-7276

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console...

CVE-2019-7276

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console...

CVE-2019-7276

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console...

Remote code execution

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console...

PT-2019-18506 · Optergy · Optergy Proton/Enterprise

Name of the Vulnerable Software and Affected Versions: Optergy Proton/Enterprise devices affected versions not specified Description: The issue allows for remote root code execution via a backdoor console. Recommendations: At the moment, there is no information about a newer version that contains...

CVE-2019-7276

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console...

CVE-2019-7276

Optergy Proton/Enterprise BMS is affected by CVE-2019-7276: unauthenticated remote code execution via a backdoor console. Public details show an undocumented backdoor script (Console.jsp) in the tools directory that enables full root access on vulnerable versions (notably 2.0.3a and earlier). Exp...