19 matches found
CVE-2026-11889
SALTO ProAccess Space software using the tenancy feature / logical partition is vulnerable to a privilege escalation attack that could allow an authorized attacker to access any space managed by the affected product...
CVE-2026-11889 SALTO ProAccess Space Authorization Bypass Through User-Controlled Key
SALTO ProAccess Space software using the tenancy feature / logical partition is vulnerable to a privilege escalation attack that could allow an authorized attacker to access any space managed by the affected product...
CVE-2026-11889
CVE-2026-11889 concerns SALTO ProAccess Space software with the tenancy/partition feature. The issue enables privilege escalation that could let an authenticated attacker access any space managed by the affected installation. Exploitation requires valid authenticated operator credentials and the ...
SALTO ProAccess Space
ADVISORY SUMMARY Successful exploitation of this vulnerability allows an authenticated attacker to escalate privileges and access spaces outside their assigned partition, within the same Salto ProAccess Space installation or system. Exploitation requires valid authenticated operator credentials...
EUVD-2019-9078
Malware in sbrugna...
EUVD-2019-9079
Malware in sbrugna...
CVE-2019-19457
SALTO ProAccess SPACE 5.4.3.0 allows XSS...
CVE-2019-19459
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
CVE-2019-19458
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature...
CVE-2019-19457
SALTO ProAccess SPACE 5.4.3.0 allows XSS...
CVE-2019-19458
SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data Export feature...
CVE-2019-19459
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server...
CVE-2019-19460
An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product's webserver runs as a Windows service with local SYSTEM permissions by default. This is against the principle of least privilege. An attacker who is able to exploit CVE-2019-19458 or CVE-2019-19459 is basically able to write to...
SALTO ProAccess SPACE Arbitrary File Write Vulnerability
Salto Systems ProAccess SPACE is a web-based access control management tool from Salto Systems, Spain. A security vulnerability exists in Salto Systems ProAccess SPACE version 5.4.3.0. An attacker can exploit the vulnerability to write arbitrary files...
SALTO ProAccess SPACE Path Traversal Vulnerability
Salto Systems ProAccess SPACE is a web-based access control management tool from Salto Systems, Spain. A path traversal vulnerability exists in Salto Systems ProAccess SPACE version 5.4.3.0. The vulnerability stems from a failure of a networked system or product to properly filter special element...
Unspecified Vulnerability in SALTO ProAccess SPACE
Salto Systems ProAccess SPACE is a web-based access control management tool from Salto Systems, Spain. A security vulnerability exists in Salto Systems ProAccess SPACE version 5.4.3.0. An attacker can exploit the vulnerability to perform a write operation to an arbitrary path on the file system...
SALTO ProAccess SPACE 5.5 Traversal / File Write / XSS / Bypass Vulnerabilities
SALTO ProAccess SPACE versions 5.5 and below suffer from path traversal, arbitrary file write, persistent cross site scripting, privilege escalation, and clear text transmission of sensitive data vulnerabilities. ======================================================================= title:...
SALTO ProAccess SPACE Cross-Site Scripting Vulnerability
Salto Systems ProAccess SPACE is a web-based access control management tool from Salto Systems, Spain. A cross-site scripting vulnerability exists in Salto Systems ProAccess SPACE version 5.4.3.0. The vulnerability stems from a lack of proper validation of client data by the WEB application. An...