CVE-2019-11031
CVE-2019-11031 affects Mirasys VMS before v7.6.1 and 8.x before v8.3.2. The flaw arises from mishandling the auto-update feature (IDVRUpdateService2 in DVRServer.exe), enabling an attacker to upload files via a Setup-Files action and then execute them with SYSTEM privileges. Impact is high, with ...