3 matches found
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
CVE-2019-19460
SALTO ProAccess SPACE 5.4.3.0 is affected by CVE-2019-19458 (Directory Traversal in Data Export) and CVE-2019-19459 (arbitrary file writes and command execution on the server). These flaws allow an attacker to write arbitrary content to arbitrary files, with exploitation demonstrated against the ...