4 matches found
CVE-2019-13598
LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port3480/datarequest because the "No unsafe lua allowed" code block is skipped...
CVE-2019-13598
LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port3480/datarequest because the "No unsafe lua allowed" code block is skipped...
CVE-2019-13598
LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port3480/datarequest because the "No unsafe lua allowed" code block is skipped...
CVE-2019-13598
CVE-2019-13598 affects Vera Edge Home Controller (version 1.7.4452) via LuaUPnP. A remote, unauthenticated attacker can trigger arbitrary OS commands by passing the code parameter to /port_3480/data_request, because the expected safety check for unsafe Lua code is skipped. This is a remote code e...